Mercurial > hg > icedtea8-forest > jdk
changeset 12606:bdf93656feba icedtea-3.5.0 icedtea-3.6.0pre00
Merge jdk8u141-b15
line wrap: on
line diff
--- a/.hgtags Tue Jul 11 03:45:17 2017 +0100 +++ b/.hgtags Wed Jul 19 05:41:28 2017 +0100 @@ -730,3 +730,23 @@ c0091a673d766ce2e76a945bab6de325fe78dd88 jdk8u131-b10 cfc292a2c1c6af4e469e45cd896765e17f7d4c95 icedtea-3.4.0 c8bcda75cb18b043ba95feb0cb74c34b6a678ac1 icedtea-3.5.0pre01 +3ab471c4760a808e39406303ff33a25a542b9c75 jdk8u131-b11 +a160009bbe1417d85f1c0eec890fdb17391b3637 jdk8u141-b00 +e95a13de2d36050302a1af422967f5260fc8eabd jdk8u141-b01 +936085d9aff0554a3bdab2fcbbec1d1864e656a2 jdk8u141-b02 +070e24b47ae0a2af7c5a8b581ace0bfbe3629f00 jdk8u141-b03 +e5e3c33f57367b2b23d5e05a77b41948e9d4a1b9 jdk8u141-b04 +b3e7354e6ae8567294ae664bf4a1a38a6c0bde9f jdk8u141-b05 +c49f918efc4e6e2b8a1e771dba0c8de8d636660c jdk8u141-b06 +9fd2a2019a5b7f35957c43c83eb00e1ae371a95e jdk8u141-b07 +64261149b033dd6f625ccf7b4aaf7452baec82ef jdk8u141-b08 +276269460238f84410a70ffe735db9cf78651b8f jdk8u141-b09 +c92d704420d707d3016d8ee3a4239d1c57692ddd jdk8u141-b10 +3237f27a9d22ee02d0bfbd6f662a4d948d25a74f jdk8u141-b11 +2966589b3f330b6e676418b48d2960e294d35060 jdk8u141-b12 +2966589b3f330b6e676418b48d2960e294d35060 jdk8u141-b12 +0000000000000000000000000000000000000000 jdk8u141-b12 +0000000000000000000000000000000000000000 jdk8u141-b12 +996632997de8c889067dafd5a5827146e02c9130 jdk8u141-b12 +c6bc194fedb63b20c45c793405d215d206fb4654 jdk8u141-b13 +d630e23b8e36c2863225d7ae107c73a38d3e6102 jdk8u141-b14
--- a/THIRD_PARTY_README Tue Jul 11 03:45:17 2017 +0100 +++ b/THIRD_PARTY_README Wed Jul 19 05:41:28 2017 +0100 @@ -285,13 +285,53 @@ form with the JDK 8 and OpenJDK 8 source distributions, and as object code in the JRE 8 & JDK 8 runtimes. -In the case of the JRE 8 & JDK 8 runtimes, the terms of the Oracle license do +In the case of the JRE & JDK runtimes, the terms of the Oracle license do NOT apply to the Elliptic Curve Cryptography library; it is licensed under the following license, separately from Oracle's JDK & JRE. If you do not wish to -install the Elliptic Curve Cryptography library, you may delete the library -named libsunec.so (on Solaris and Linux systems) or sunec.dll (on Windows -systems) from the JRE bin directory reserved for native libraries. - +install the Elliptic Curve Cryptography library, you may delete the +Elliptic Curve Cryptography library: + - On Solaris and Linux systems: delete $(JAVA_HOME)/lib/libsunec.so + - On Windows systems: delete $(JAVA_HOME)\bin\sunec.dll + - On Mac systems, delete: + for JRE: /Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/libsunec.dylib + for JDK: $(JAVA_HOME)/jre/lib/libsunec.dylib + +Written Offer for ECC Source Code + For third party technology that you receive from Oracle in binary form + which is licensed under an open source license that gives you the right + to receive the source code for that binary, you can obtain a copy of + the applicable source code from this page: + http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/file/tip/src/share/native/sun/security/ec/impl + + If the source code for the technology was not provided to you with the + binary, you can also receive a copy of the source code on physical + media by submitting a written request to: + + Oracle America, Inc. + Attn: Associate General Counsel, + Development and Engineering Legal + 500 Oracle Parkway, 10th Floor + Redwood Shores, CA 94065 + + Or, you may send an email to Oracle using the form at: + http://www.oracle.com/goto/opensourcecode/request + + Your request should include: + - The name of the component or binary file(s) for which you are requesting + the source code + - The name and version number of the Oracle product containing the binary + - The date you received the Oracle product + - Your name + - Your company name (if applicable) + - Your return mailing address and email and + - A telephone number in the event we need to reach you. + + We may charge you a fee to cover the cost of physical media and processing. + Your request must be sent (i) within three (3) years of the date you + received the Oracle product that included the component or binary + file(s) that are the subject of your request, or (ii) in the case of + code licensed under the GPL v3, for as long as Oracle offers spare + parts or customer support for that product model. --- begin of LICENSE --- @@ -870,63 +910,6 @@ OF SUCH DAMAGE. --- end of LICENSE --- -%% This notice is provided with respect to Dynalink library which is included -with the Nashorn technology. - ---- begin of LICENSE --- -Copyright (c) 2009-2013, Attila Szegedi - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: -* Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -* Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. -* Neither the name of the copyright holder nor the names of - contributors may be used to endorse or promote products derived from - this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS -IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED -TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A -PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL COPYRIGHT HOLDER -BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ---- end of LICENSE --- - -%% This notice is provided with respect to Joni library which is included -with the Nashorn technology. - ---- begin of LICENSE --- -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies -of the Software, and to permit persons to whom the Software is furnished to do -so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - ---- end of LICENSE --- - -------------------------------------------------------------------------------- - %% This notice is provided with respect to FontConfig 2.5, which may be included with JRE 8, JDK 8, and OpenJDK 8 source distributions on Linux and Solaris. @@ -956,6 +939,74 @@ ------------------------------------------------------------------------------- +%% This notice is provided with respect to freebXML Registry 3.0 & 3.1, +which may be included with JRE 8, JDK 8, and OpenJDK 8. + +--- begin of LICENSE --- + +freebxml: Copyright (c) 2001 freebxml.org. All rights reserved. + +The names "The freebXML Registry Project" and "freebxml Software +Foundation" must not be used to endorse or promote products derived +from this software or be used in a product name without prior +written permission. For written permission, please contact +ebxmlrr-team@lists.sourceforge.net. + +This software consists of voluntary contributions made by many individuals +on behalf of the the freebxml Software Foundation. For more information on +the freebxml Software Foundation, please see <http://www.freebxml.org/>. + +This product includes software developed by the Apache Software Foundation +(http://www.apache.org/). + +The freebxml License, Version 1.1 5 +Copyright (c) 2001 freebxml.org. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + 3. The end-user documentation included with the redistribution, if + any, must include the following acknowlegement: + "This product includes software developed by + freebxml.org (http://www.freebxml.org/)." + Alternately, this acknowlegement may appear in the software itself, + if and wherever such third-party acknowlegements normally appear. + + 4. The names "The freebXML Registry Project", "freebxml Software + Foundation" must not be used to endorse or promote products derived + from this software without prior written permission. For written + permission, please contact ebxmlrr-team@lists.sourceforge.net. + + 5. Products derived from this software may not be called "freebxml", + "freebXML Registry" nor may freebxml" appear in their names without + prior written permission of the freebxml Group. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE freebxml SOFTWARE FOUNDATION OR +ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +--- end of LICENSE --- + +------------------------------------------------------------------------------- + %% This notice is provided with respect to IAIK PKCS#11 Wrapper, which may be included with JRE 8, JDK 8, and OpenJDK 8. @@ -1083,6 +1134,47 @@ -------------------------------------------------------------------------------- +%% This notice is provided with respect to Jing 20030619, which may +be included with JRE 8, JDK 8, and OpenJDK 8. + +--- begin of LICENSE --- + +Copyright (c) 2001-2003 Thai Open Source Software Center Ltd All +rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + +Redistributions in binary form must reproduce the above copyright +notice, this list of conditions and the following disclaimer in the +documentation and/or other materials provided with the distribution. + +Neither the name of the Thai Open Source Software Center Ltd nor +the names of its contributors may be used to endorse or promote +products derived from this software without specific prior written +permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +--- end of LICENSE --- + +-------------------------------------------------------------------------------- + %% This notice is provided with respect to Joni v1.1.9, which may be included with JRE 8, JDK 8, and OpenJDK 8. @@ -1215,7 +1307,7 @@ ------------------------------------------------------------------------------- -%% Portions Copyright Eastman Kodak Company 1992 +%% Portions Copyright Eastman Kodak Company 1991-2003 ------------------------------------------------------------------------------- @@ -1339,8 +1431,8 @@ ------------------------------------------------------------------------------- -%% This notice is provided with respect to GIFLIB 5.1.1 & libungif 4.1.3, which may be -included with JRE 8, JDK 8, and OpenJDK 8. +%% This notice is provided with respect to GIFLIB 5.1.1 & libungif 4.1.3, +which may be included with JRE 8, JDK 8, and OpenJDK 8. --- begin of LICENSE --- @@ -1972,67 +2064,45 @@ ------------------------------------------------------------------------------- -%% This notice is provided with respect to SAX 2.0.1, which may be included -with JRE 8, JDK 8, and OpenJDK 8. - ---- begin of LICENSE --- - - SAX is free! - - In fact, it's not possible to own a license to SAX, since it's been placed in - the public domain. - - No Warranty - - Because SAX is released to the public domain, there is no warranty for the - design or for the software implementation, to the extent permitted by - applicable law. Except when otherwise stated in writing the copyright holders - and/or other parties provide SAX "as is" without warranty of any kind, either - expressed or implied, including, but not limited to, the implied warranties - of merchantability and fitness for a particular purpose. The entire risk as - to the quality and performance of SAX is with you. Should SAX prove - defective, you assume the cost of all necessary servicing, repair or - correction. - - In no event unless required by applicable law or agreed to in writing will - any copyright holder, or any other party who may modify and/or redistribute - SAX, be liable to you for damages, including any general, special, incidental - or consequential damages arising out of the use or inability to use SAX - (including but not limited to loss of data or data being rendered inaccurate - or losses sustained by you or third parties or a failure of the SAX to - operate with any other programs), even if such holder or other party has been - advised of the possibility of such damages. - - Copyright Disclaimers - - This page includes statements to that effect by David Megginson, who would - have been able to claim copyright for the original work. SAX 1.0 - - Version 1.0 of the Simple API for XML (SAX), created collectively by the - membership of the XML-DEV mailing list, is hereby released into the public - domain. - - No one owns SAX: you may use it freely in both commercial and non-commercial - applications, bundle it with your software distribution, include it on a - CD-ROM, list the source code in a book, mirror the documentation at your own - web site, or use it in any other way you see fit. - - David Megginson, sax@megginson.com - 1998-05-11 - - SAX 2.0 - - I hereby abandon any property rights to SAX 2.0 (the Simple API for XML), and - release all of the SAX 2.0 source code, compiled code, and documentation - contained in this distribution into the Public Domain. SAX comes with NO - WARRANTY or guarantee of fitness for any purpose. - - David Megginson, david@megginson.com - 2000-05-05 - ---- end of LICENSE --- - -------------------------------------------------------------------------------- +%% This notice is provided with respect to Relax NG Datatype 1.0, which +may be included with JRE 8, JDK 8, and OpenJDK 8. + +--- begin of LICENSE --- + +Copyright (c) 2005, 2010 Thai Open Source Software Center Ltd +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + Neither the names of the copyright holders nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR +CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, +EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR +PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +--- end of LICENSE --- + +-------------------------------------------------------------------------------- %% This notice is provided with respect to SoftFloat version 2b, which may be included with JRE 8, JDK 8, and OpenJDK 8 on Linux/ARM. @@ -2518,58 +2588,66 @@ --- begin of LICENSE --- - Licenses -The X.Org Foundation March 2004 - -1. Introduction - -The X.org Foundation X Window System distribution is a compilation of code and -documentation from many sources. This document is intended primarily as a -guide to the licenses used in the distribution: you must check each file -and/or package for precise redistribution terms. None-the-less, this summary -may be useful to many users. No software incorporating the XFree86 1.1 license -has been incorporated. - -This document is based on the compilation from XFree86. - -2. XFree86 License - -XFree86 code without an explicit copyright is covered by the following -copyright/license: - -Copyright (C) 1994-2003 The XFree86 Project, Inc. All Rights Reserved. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. +This is the copyright for the files in src/solaris/native/sun/awt: list.h, +multiVis.h, wsutils.h, list.c, multiVis.c +Copyright (c) 1994 Hewlett-Packard Co. +Copyright (c) 1996 X Consortium + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of the X Consortium shall +not be used in advertising or otherwise to promote the sale, use or +other dealings in this Software without prior written authorization +from the X Consortium. +___________________________ +The files in motif/lib/Xm/util included this copyright:mkdirhier.man, +xmkmf.man, chownxterm.c, makeg.man, mergelib.cpp, lndir.man, makestrs.man, +checktree.c, lndir.c, makestrs.c +Copyright (c) 1993, 1994 X Consortium + +Permission is hereby granted, free of charge, to any person obtaining a +copy of this software and associated documentation files (the "Software"), +to deal in the Software without restriction, including without limitation +the rights to use, copy, modify, merge, publish, distribute, sublicense, +and/or sell copies of the Software, and to permit persons to whom the +Software furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -XFREE86 PROJECT BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of the XFree86 Project shall not -be used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from the XFree86 Project. - -3. Other Licenses - -Portions of code are covered by the following licenses/copyrights. See -individual files for the copyright dates. - -3.1. X/MIT Copyrights - -3.1.1. X Consortium - -Copyright (C) <date> X Consortium +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF +OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + +Except as contained in this notice, the name of the X Consortium shall not +be used in advertising or otherwise to promote the sale, use or other +dealing in this Software without prior written authorization from the +X Consortium. +_____________________________ +Xmos_r.h: +/* +Copyright (c) 1996 X Consortium Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -2578,741 +2656,153 @@ copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE X -CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN -ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Except as contained in this notice, the name of the X Consortium shall not be -used in advertising or otherwise to promote the sale, use or other dealings in -this Software without prior written authorization from the X Consortium. - -X Window System is a trademark of X Consortium, Inc. - -3.1.2. The Open Group - -Copyright <date> The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that the -above copyright notice appear in all copies and that both that copyright -notice and this permission notice appear in supporting documentation. - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from the X Consortium. +*/ + +_____________________________ +Copyright notice for extutil.h: +Copyright 1989, 1998 The Open Group + +All Rights Reserved. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN -ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings in -this Software without prior written authorization from The Open Group. 3.2. -Berkeley-based copyrights: - -o -3.2.1. General - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - 3. The name of the author may not be used to endorse or promote products - derived from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER -IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. 3.2.2. UCB/LBL - -Copyright (c) 1993 The Regents of the University of California. All rights -reserved. - -This software was developed by the Computer Systems Engineering group at -Lawrence Berkeley Laboratory under DARPA contract BG 91-66 and contributed to -Berkeley. - -All advertising materials mentioning features or use of this software must -display the following acknowledgement: This product includes software -developed by the University of California, Lawrence Berkeley Laboratory. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - 3. All advertising materials mentioning features or use of this software - must display the following acknowledgement: This product includes software - developed by the University of California, Berkeley and its contributors. - - 4. Neither the name of the University nor the names of its contributors may - be used to endorse or promote products derived from this software without - specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ANY -EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY -DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 3.2.3. The -NetBSD Foundation, Inc. - -Copyright (c) 2003 The NetBSD Foundation, Inc. All rights reserved. - -This code is derived from software contributed to The NetBSD Foundation by Ben -Collver <collver1@attbi.com> - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - 3. All advertising materials mentioning features or use of this software - must display the following acknowledgement: This product includes software - developed by the NetBSD Foundation, Inc. and its contributors. - - 4. Neither the name of The NetBSD Foundation nor the names of its - contributors may be used to endorse or promote products derived from this - software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS ``AS -IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS BE LIABLE FOR ANY -DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 3.2.4. Theodore -Ts'o. - -Copyright Theodore Ts'o, 1994, 1995, 1996, 1997, 1998, 1999. All rights -reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - and the entire permission notice in its entirety, including the disclaimer - of warranties. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - 3. he name of the author may not be used to endorse or promote products - derived from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, -INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND -FITNESS FOR A PARTICULAR PURPOSE, ALL OF WHICH ARE HEREBY DISCLAIMED. IN NO -EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER -IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. 3.2.5. Theo de Raadt and Damien Miller - -Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. Copyright (c) -2001-2002 Damien Miller. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER -IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. 3.2.6. Todd C. Miller - -Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com> - -Permission to use, copy, modify, and distribute this software for any purpose -with or without fee is hereby granted, provided that the above copyright -notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND TODD C. MILLER DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL TODD C. MILLER BE LIABLE FOR -ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION -OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN -CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 3.2.7. Thomas -Winischhofer - -Copyright (C) 2001-2004 Thomas Winischhofer - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - 3. The name of the author may not be used to endorse or promote products - derived from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESSED OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER -IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. 3.3. NVIDIA Corp - -Copyright (c) 1996 NVIDIA, Corp. All rights reserved. - -NOTICE TO USER: The source code is copyrighted under U.S. and international -laws. NVIDIA, Corp. of Sunnyvale, California owns the copyright and as design -patents pending on the design and interface of the NV chips. Users and -possessors of this source code are hereby granted a nonexclusive, royalty-free -copyright and design patent license to use this code in individual and -commercial software. - -Any use of this source code must include, in the user documentation and -internal comments to the code, notices to the end user as follows: - -Copyright (c) 1996 NVIDIA, Corp. NVIDIA design patents pending in the U.S. and -foreign countries. - -NVIDIA, CORP. MAKES NO REPRESENTATION ABOUT THE SUITABILITY OF THIS SOURCE -CODE FOR ANY PURPOSE. IT IS PROVIDED "AS IS" WITHOUT EXPRESS OR IMPLIED -WARRANTY OF ANY KIND. NVIDIA, CORP. DISCLAIMS ALL WARRANTIES WITH REGARD TO -THIS SOURCE CODE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND -FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL NVIDIA, CORP. BE LIABLE -FOR ANY SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, OR ANY -DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN -CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOURCE CODE. 3.4. GLX Public -License - -GLX PUBLIC LICENSE (Version 1.0 (2/11/99)) ("License") - -Subject to any third party claims, Silicon Graphics, Inc. ("SGI") hereby -grants permission to Recipient (defined below), under Recipient's copyrights -in the Original Software (defined below), to use, copy, modify, merge, -publish, distribute, sublicense and/or sell copies of Subject Software -(defined below), and to permit persons to whom the Subject Software is -furnished in accordance with this License to do the same, subject to all of -the following terms and conditions, which Recipient accepts by engaging in any -such use, copying, modifying, merging, publishing, distributing, sublicensing -or selling: - -1. Definitions. - - (a) "Original Software" means source code of computer software code which - is described in Exhibit A as Original Software. - - (b) "Modifications" means any addition to or deletion from the substance - or structure of either the Original Software or any previous - Modifications. When Subject Software is released as a series of files, a - Modification means (i) any addition to or deletion from the contents of a - file containing Original Software or previous Modifications and (ii) any - new file that contains any part of the Original Code or previous - Modifications. - - (c) "Subject Software" means the Original Software or Modifications or the - combination of the Original Software and Modifications, or portions of any - of the foregoing. - - (d) "Recipient" means an individual or a legal entity exercising rights - under, and complying with all of the terms of, this License. For legal - entities, "Recipient" includes any entity which controls, is controlled - by, or is under common control with Recipient. For purposes of this - definition, "control" of an entity means (a) the power, direct or - indirect, to direct or manage such entity, or (b) ownership of fifty - percent (50%) or more of the outstanding shares or beneficial ownership of - such entity. - -2. Redistribution of Source Code Subject to These Terms. Redistributions of -Subject Software in source code form must retain the notice set forth in -Exhibit A, below, in every file. A copy of this License must be included in -any documentation for such Subject Software where the recipients' rights -relating to Subject Software are described. Recipient may distribute the -source code version of Subject Software under a license of Recipient's choice, -which may contain terms different from this License, provided that (i) -Recipient is in compliance with the terms of this License, and (ii) the -license terms include this Section 2 and Sections 3, 4, 7, 8, 10, 12 and 13 of -this License, which terms may not be modified or superseded by any other terms -of such license. If Recipient distributes the source code version under a -different license Recipient must make it absolutely clear that any terms which -differ from this License are offered by Recipient alone, not by SGI. Recipient -hereby agrees to indemnify SGI for any liability incurred by SGI as a result -of any such terms Recipient offers. - -3. Redistribution in Executable Form. The notice set forth in Exhibit A must -be conspicuously included in any notice in an executable version of Subject -Software, related documentation or collateral in which Recipient describes the -user's rights relating to the Subject Software. Recipient may distribute the -executable version of Subject Software under a license of Recipient's choice, -which may contain terms different from this License, provided that (i) -Recipient is in compliance with the terms of this License, and (ii) the -license terms include this Section 3 and Sections 4, 7, 8, 10, 12 and 13 of -this License, which terms may not be modified or superseded by any other terms -of such license. If Recipient distributes the executable version under a -different license Recipient must make it absolutely clear that any terms which -differ from this License are offered by Recipient alone, not by SGI. Recipient -hereby agrees to indemnify SGI for any liability incurred by SGI as a result -of any such terms Recipient offers. - -4. Termination. This License and the rights granted hereunder will terminate -automatically if Recipient fails to comply with terms herein and fails to cure -such breach within 30 days of the breach. Any sublicense to the Subject -Software which is properly granted shall survive any termination of this -License absent termination by the terms of such sublicense. Provisions which, -by their nature, must remain in effect beyond the termination of this License -shall survive. - -5. No Trademark Rights. This License does not grant any rights to use any -trade name, trademark or service mark whatsoever. No trade name, trademark or -service mark of SGI may be used to endorse or promote products derived from -the Subject Software without prior written permission of SGI. - -6. No Other Rights. This License does not grant any rights with respect to the -OpenGL API or to any software or hardware implementation thereof or to any -other software whatsoever, nor shall any other rights or licenses not -expressly granted hereunder arise by implication, estoppel or otherwise with -respect to the Subject Software. Title to and ownership of the Original -Software at all times remains with SGI. All rights in the Original Software -not expressly granted under this License are reserved. - -7. Compliance with Laws; Non-Infringement. Recipient shall comply with all -applicable laws and regulations in connection with use and distribution of the -Subject Software, including but not limited to, all export and import control -laws and regulations of the U.S. government and other countries. Recipient may -not distribute Subject Software that (i) in any way infringes (directly or -contributorily) the rights (including patent, copyright, trade secret, -trademark or other intellectual property rights of any kind) of any other -person or entity or (ii) breaches any representation or warranty, express, -implied or statutory, which under any applicable law it might be deemed to -have been distributed. - -8. Claims of Infringement. If Recipient at any time has knowledge of any one -or more third party claims that reproduction, modification, use, distribution, -import or sale of Subject Software (including particular functionality or code -incorporated in Subject Software) infringes the third party's intellectual -property rights, Recipient must place in a well-identified web page bearing -the title "LEGAL" a description of each such claim and a description of the -party making each such claim in sufficient detail that a user of the Subject -Software will know whom to contact regarding the claim. Also, upon gaining -such knowledge of any such claim, Recipient must conspicuously include the URL -for such web page in the Exhibit A notice required under Sections 2 and 3, -above, and in the text of any related documentation, license agreement or -collateral in which Recipient describes end user's rights relating to the -Subject Software. If Recipient obtains such knowledge after it makes Subject -Software available to any other person or entity, Recipient shall take other -steps (such as notifying appropriate mailing lists or newsgroups) reasonably -calculated to inform those who received the Subject Software that new -knowledge has been obtained. - -9. DISCLAIMER OF WARRANTY. SUBJECT SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, -WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT -LIMITATION, WARRANTIES THAT THE SUBJECT SOFTWARE IS FREE OF DEFECTS, -MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON- INFRINGING. SGI ASSUMES NO -RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE. SHOULD ANY SOFTWARE -PROVE DEFECTIVE IN ANY RESPECT, SGI ASSUMES NO COST OR LIABILITY FOR ANY -SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN -ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY SUBJECT SOFTWARE IS AUTHORIZED -HEREUNDER EXCEPT UNDER THIS DISCLAIMER. - -10. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, -WHETHER TORT (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE OR STRICT LIABILITY), -CONTRACT, OR OTHERWISE, SHALL SGI OR ANY SGI LICENSOR BE LIABLE FOR ANY -DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY -CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK -STOPPAGE, LOSS OF DATA, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER -COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF -THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY -TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SGI's NEGLIGENCE TO -THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT -ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO -THAT EXCLUSION AND LIMITATION MAY NOT APPLY TO RECIPIENT. - -11. Indemnity. Recipient shall be solely responsible for damages arising, -directly or indirectly, out of its utilization of rights under this License. -Recipient will defend, indemnify and hold harmless Silicon Graphics, Inc. from -and against any loss, liability, damages, costs or expenses (including the -payment of reasonable attorneys fees) arising out of Recipient's use, -modification, reproduction and distribution of the Subject Software or out of -any representation or warranty made by Recipient. - -12. U.S. Government End Users. The Subject Software is a "commercial item" -consisting of "commercial computer software" as such terms are defined in -title 48 of the Code of Federal Regulations and all U.S. Government End Users -acquire only the rights set forth in this License and are subject to the terms -of this License. - -13. Miscellaneous. This License represents the complete agreement concerning -subject matter hereof. If any provision of this License is held to be -unenforceable, such provision shall be reformed so as to achieve as nearly as -possible the same economic effect as the original provision and the remainder -of this License will remain in effect. This License shall be governed by and -construed in accordance with the laws of the United States and the State of -California as applied to agreements entered into and to be performed entirely -within California between California residents. Any litigation relating to -this License shall be subject to the exclusive jurisdiction of the Federal -Courts of the Northern District of California (or, absent subject matter -jurisdiction in such courts, the courts of the State of California), with -venue lying exclusively in Santa Clara County, California, with the losing -party responsible for costs, including without limitation, court costs and -reasonable attorneys fees and expenses. The application of the United Nations -Convention on Contracts for the International Sale of Goods is expressly -excluded. Any law or regulation which provides that the language of a contract -shall be construed against the drafter shall not apply to this License. - -Exhibit A - -The contents of this file are subject to Sections 2, 3, 4, 7, 8, 10, 12 and 13 -of the GLX Public License Version 1.0 (the "License"). You may not use this -file except in compliance with those sections of the License. You may obtain a -copy of the License at Silicon Graphics, Inc., attn: Legal Services, 2011 N. -Shoreline Blvd., Mountain View, CA 94043 or at -http://www.sgi.com/software/opensource/glx/license.html. - -Software distributed under the License is distributed on an "AS IS" basis. ALL -WARRANTIES ARE DISCLAIMED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED -WARRANTIES OF MERCHANTABILITY, OF FITNESS FOR A PARTICULAR PURPOSE OR OF NON- -INFRINGEMENT. See the License for the specific language governing rights and -limitations under the License. - -The Original Software is GLX version 1.2 source code, released February, 1999. -The developer of the Original Software is Silicon Graphics, Inc. Those -portions of the Subject Software created by Silicon Graphics, Inc. are -Copyright (c) 1991-9 Silicon Graphics, Inc. All Rights Reserved. 3.5. CID -Font Code Public License - -CID FONT CODE PUBLIC LICENSE (Version 1.0 (3/31/99))("License") - -Subject to any applicable third party claims, Silicon Graphics, Inc. ("SGI") -hereby grants permission to Recipient (defined below), under SGI's copyrights -in the Original Software (defined below), to use, copy, modify, merge, -publish, distribute, sublicense and/or sell copies of Subject Software -(defined below) in both source code and executable form, and to permit persons -to whom the Subject Software is furnished in accordance with this License to -do the same, subject to all of the following terms and conditions, which -Recipient accepts by engaging in any such use, copying, modifying, merging, -publication, distributing, sublicensing or selling: - -1. Definitions. - - a. "Original Software" means source code of computer software code that is - described in Exhibit A as Original Software. - - b. "Modifications" means any addition to or deletion from the substance or - structure of either the Original Software or any previous Modifications. - When Subject Software is released as a series of files, a Modification - means (i) any addition to or deletion from the contents of a file - containing Original Software or previous Modifications and (ii) any new - file that contains any part of the Original Code or previous - Modifications. - - c. "Subject Software" means the Original Software or Modifications or the - combination of the Original Software and Modifications, or portions of any - of the foregoing. - - d. "Recipient" means an individual or a legal entity exercising rights - under the terms of this License. For legal entities, "Recipient" includes - any entity that controls, is controlled by, or is under common control - with Recipient. For purposes of this definition, "control" of an entity - means (i) the power, direct or indirect, to direct or manage such entity, - or (ii) ownership of fifty percent (50%) or more of the outstanding shares - or beneficial ownership of such entity. - - e. "Required Notice" means the notice set forth in Exhibit A to this - License. - - f. "Accompanying Technology" means any software or other technology that - is not a Modification and that is distributed or made publicly available - by Recipient with the Subject Software. Separate software files that do - not contain any Original Software or any previous Modification shall not - be deemed a Modification, even if such software files are aggregated as - part of a product, or in any medium of storage, with any file that does - contain Original Software or any previous Modification. - -2. License Terms. All distribution of the Subject Software must be made -subject to the terms of this License. A copy of this License and the Required -Notice must be included in any documentation for Subject Software where -Recipient's rights relating to Subject Software and/or any Accompanying -Technology are described. Distributions of Subject Software in source code -form must also include the Required Notice in every file distributed. In -addition, a ReadMe file entitled "Important Legal Notice" must be distributed -with each distribution of one or more files that incorporate Subject Software. -That file must be included with distributions made in both source code and -executable form. A copy of the License and the Required Notice must be -included in that file. Recipient may distribute Accompanying Technology under -a license of Recipient's choice, which may contain terms different from this -License, provided that (i) Recipient is in compliance with the terms of this -License, (ii) such other license terms do not modify or supersede the terms of -this License as applicable to the Subject Software, (iii) Recipient hereby -indemnifies SGI for any liability incurred by SGI as a result of the -distribution of Accompanying Technology or the use of other license terms. - -3. Termination. This License and the rights granted hereunder will terminate -automatically if Recipient fails to comply with terms herein and fails to cure -such breach within 30 days of the breach. Any sublicense to the Subject -Software that is properly granted shall survive any termination of this -License absent termination by the terms of such sublicense. Provisions which, -by their nature, must remain in effect beyond the termination of this License -shall survive. - -4. Trademark Rights. This License does not grant any rights to use any trade -name, trademark or service mark whatsoever. No trade name, trademark or -service mark of SGI may be used to endorse or promote products derived from or -incorporating any Subject Software without prior written permission of SGI. - -5. No Other Rights. No rights or licenses not expressly granted hereunder -shall arise by implication, estoppel or otherwise. Title to and ownership of -the Original Software at all times remains with SGI. All rights in the -Original Software not expressly granted under this License are reserved. - -6. Compliance with Laws; Non-Infringement. Recipient shall comply with all -applicable laws and regulations in connection with use and distribution of the -Subject Software, including but not limited to, all export and import control -laws and regulations of the U.S. government and other countries. Recipient may -not distribute Subject Software that (i) in any way infringes (directly or -contributorily) the rights (including patent, copyright, trade secret, -trademark or other intellectual property rights of any kind) of any other -person or entity, or (ii) breaches any representation or warranty, express, -implied or statutory, which under any applicable law it might be deemed to -have been distributed. - -7. Claims of Infringement. If Recipient at any time has knowledge of any one -or more third party claims that reproduction, modification, use, distribution, -import or sale of Subject Software (including particular functionality or code -incorporated in Subject Software) infringes the third party's intellectual -property rights, Recipient must place in a well-identified web page bearing -the title "LEGAL" a description of each such claim and a description of the -party making each such claim in sufficient detail that a user of the Subject -Software will know whom to contact regarding the claim. Also, upon gaining -such knowledge of any such claim, Recipient must conspicuously include the URL -for such web page in the Required Notice, and in the text of any related -documentation, license agreement or collateral in which Recipient describes -end user's rights relating to the Subject Software. If Recipient obtains such -knowledge after it makes Subject Software available to any other person or -entity, Recipient shall take other steps (such as notifying appropriate -mailing lists or newsgroups) reasonably calculated to provide such knowledge -to those who received the Subject Software. - -8. DISCLAIMER OF WARRANTY. SUBJECT SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, -WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT -LIMITATION, WARRANTIES THAT THE SUBJECT SOFTWARE IS FREE OF DEFECTS, -MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. SGI ASSUMES NO -RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE. SHOULD ANY SOFTWARE -PROVE DEFECTIVE IN ANY RESPECT, SGI ASSUMES NO COST OR LIABILITY FOR ANY -SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN -ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY SUBJECT SOFTWARE IS AUTHORIZED -HEREUNDER EXCEPT UNDER THIS DISCLAIMER. - -9. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, -WHETHER TORT (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE OR STRICT LIABILITY), -CONTRACT, OR OTHERWISE, SHALL SGI OR ANY SGI LICENSOR BE LIABLE FOR ANY CLAIM, -DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR -OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SUBJECT SOFTWARE OR -THE USE OR OTHER DEALINGS IN THE SUBJECT SOFTWARE. SOME JURISDICTIONS DO NOT -ALLOW THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES, SO THIS EXCLUSION AND -LIMITATION MAY NOT APPLY TO RECIPIENT TO THE EXTENT SO DISALLOWED. - -10. Indemnity. Recipient shall be solely responsible for damages arising, -directly or indirectly, out of its utilization of rights under this License. -Recipient will defend, indemnify and hold SGI and its successors and assigns -harmless from and against any loss, liability, damages, costs or expenses -(including the payment of reasonable attorneys fees) arising out of -(Recipient's use, modification, reproduction and distribution of the Subject -Software or out of any representation or warranty made by Recipient. - -11. U.S. Government End Users. The Subject Software is a "commercial item" -consisting of "commercial computer software" as such terms are defined in -title 48 of the Code of Federal Regulations and all U.S. Government End Users -acquire only the rights set forth in this License and are subject to the terms -of this License. - -12. Miscellaneous. This License represents the complete agreement concerning -subject matter hereof. If any provision of this License is held to be -unenforceable by any judicial or administrative authority having proper -jurisdiction with respect thereto, such provision shall be reformed so as to -achieve as nearly as possible the same economic effect as the original -provision and the remainder of this License will remain in effect. This -License shall be governed by and construed in accordance with the laws of the -United States and the State of California as applied to agreements entered -into and to be performed entirely within California between California -residents. Any litigation relating to this License shall be subject to the -exclusive jurisdiction of the Federal Courts of the Northern District of -California (or, absent subject matter jurisdiction in such courts, the courts -of the State of California), with venue lying exclusively in Santa Clara -County, California, with the losing party responsible for costs, including -without limitation, court costs and reasonable attorneys fees and expenses. -The application of the United Nations Convention on Contracts for the -International Sale of Goods is expressly excluded. Any law or regulation that -provides that the language of a contract shall be construed against the -drafter shall not apply to this License. - -Exhibit A - -Copyright (c) 1994-1999 Silicon Graphics, Inc. - -The contents of this file are subject to the CID Font Code Public License -Version 1.0 (the "License"). You may not use this file except in compliance -with the License. You may obtain a copy of the License at Silicon Graphics, -Inc., attn: Legal Services, 2011 N. Shoreline Blvd., Mountain View, CA 94043 -or at http://www.sgi.com/software/opensource/cid/license.html - -Software distributed under the License is distributed on an "AS IS" basis. ALL -WARRANTIES ARE DISCLAIMED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED -WARRANTIES OF MERCHANTABILITY, OF FITNESS FOR A PARTICULAR PURPOSE OR OF -NON-INFRINGEMENT. See the License for the specific language governing rights -and limitations under the License. - -The Original Software (as defined in the License) is CID font code that was -developed by Silicon Graphics, Inc. Those portions of the Subject Software (as -defined in the License) that were created by Silicon Graphics, Inc. are -Copyright (c) 1994-1999 Silicon Graphics, Inc. All Rights Reserved. - -[NOTE: When using this text in connection with Subject Software delivered -solely in object code form, Recipient may replace the words "this file" with -"this software" in both the first and second sentences.] 3.6. Bitstream Vera -Fonts Copyright - -The fonts have a generous copyright, allowing derivative works (as long as -"Bitstream" or "Vera" are not in the names), and full redistribution (so long -as they are not *sold* by themselves). They can be be bundled, redistributed -and sold with any software. - -The fonts are distributed under the following copyright: - -Copyright (c) 2003 by Bitstream, Inc. All Rights Reserved. Bitstream Vera is a -trademark of Bitstream, Inc. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of the fonts accompanying this license ("Fonts") and associated documentation -files (the "Font Software"), to reproduce and distribute the Font Software, -including without limitation the rights to use, copy, merge, publish, -distribute, and/or sell copies of the Font Software, and to permit persons to -whom the Font Software is furnished to do so, subject to the following -conditions: - -The above copyright and trademark notices and this permission notice shall be -included in all copies of one or more of the Font Software typefaces. - -The Font Software may be modified, altered, or added to, and in particular the -designs of glyphs or characters in the Fonts may be modified and additional -glyphs or characters may be added to the Fonts, only if the fonts are renamed -to names not containing either the words "Bitstream" or the word "Vera". - -This License becomes null and void to the extent applicable to Fonts or Font -Software that has been modified and is distributed under the "Bitstream Vera" -names. - -The Font Software may be sold as part of a larger software package but no copy -of one or more of the Font Software typefaces may be sold by itself. - -THE FONT SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF COPYRIGHT, PATENT, -TRADEMARK, OR OTHER RIGHT. IN NO EVENT SHALL BITSTREAM OR THE GNOME FOUNDATION -BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, INCLUDING ANY GENERAL, -SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF THE USE OR INABILITY TO -USE THE FONT SOFTWARE OR FROM OTHER DEALINGS IN THE FONT SOFTWARE. - -Except as contained in this notice, the names of Gnome, the Gnome Foundation, -and Bitstream Inc., shall not be used in advertising or otherwise to promote -the sale, use or other dealings in this Font Software without prior written -authorization from the Gnome Foundation or Bitstream Inc., respectively. For -further information, contact: fonts at gnome dot org. 3.7. Bigelow & Holmes -Inc and URW++ GmbH Luxi font license - -Luxi fonts copyright (c) 2001 by Bigelow & Holmes Inc. Luxi font instruction -code copyright (c) 2001 by URW++ GmbH. All Rights Reserved. Luxi is a -registered trademark of Bigelow & Holmes Inc. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of these Fonts and associated documentation files (the "Font Software"), to -deal in the Font Software, including without limitation the rights to use, -copy, merge, publish, distribute, sublicense, and/or sell copies of the Font -Software, and to permit persons to whom the Font Software is furnished to do -so, subject to the following conditions: - -The above copyright and trademark notices and this permission notice shall be -included in all copies of one or more of the Font Software. - -The Font Software may not be modified, altered, or added to, and in particular -the designs of glyphs or characters in the Fonts may not be modified nor may -additional glyphs or characters be added to the Fonts. This License becomes -null and void when the Fonts or Font Software have been modified. - -THE FONT SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF COPYRIGHT, PATENT, -TRADEMARK, OR OTHER RIGHT. IN NO EVENT SHALL BIGELOW & HOLMES INC. OR URW++ -GMBH. BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, INCLUDING ANY -GENERAL, SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF THE USE OR -INABILITY TO USE THE FONT SOFTWARE OR FROM OTHER DEALINGS IN THE FONT +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. +* +* Author: Jim Fulton, MIT The Open Group +* +* Xlib Extension-Writing Utilities +* +* This package contains utilities for writing the client API for various +* protocol extensions. THESE INTERFACES ARE NOT PART OF THE X STANDARD AND +* ARE SUBJECT TO CHANGE! +*/ + +_____________________________ +Copyright notice for HPkeysym.h: +/* + +Copyright 1987, 1998 The Open Group + +All Rights Reserved. + +The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall +not be used in advertising or otherwise to promote the sale, use or +other dealings in this Software without prior written authorization +from The Open Group. + +Copyright 1987 by Digital Equipment Corporation, Maynard, Massachusetts, + +All Rights Reserved + +Permission to use, copy, modify, and distribute this software and its +documentation for any purpose and without fee is hereby granted, +provided that the above copyright notice appear in all copies and that +both that copyright notice and this permission notice appear in +supporting documentation, and that the names of Hewlett Packard +or Digital not be +used in advertising or publicity pertaining to distribution of the +software without specific, written prior permission. + +DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING +ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL +DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR +ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, +WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, +ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -Except as contained in this notice, the names of Bigelow & Holmes Inc. and -URW++ GmbH. shall not be used in advertising or otherwise to promote the sale, -use or other dealings in this Font Software without prior written -authorization from Bigelow & Holmes Inc. and URW++ GmbH. - -For further information, contact: - -info@urwpp.de or design@bigelowandholmes.com - +HEWLETT-PACKARD MAKES NO WARRANTY OF ANY KIND WITH REGARD +TO THIS SOFWARE, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. Hewlett-Packard shall not be liable for errors +contained herein or direct, indirect, special, incidental or +consequential damages in connection with the furnishing, +performance, or use of this material. + +*/ +_____________________________________ +Copyright notice in keysym2ucs.h: + +Copyright 1987, 1994, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall +not be used in advertising or otherwise to promote the sale, use or +other dealings in this Software without prior written authorization +from The Open Group. + + +Copyright 1987 by Digital Equipment Corporation, Maynard, Massachusetts + +All Rights Reserved + +Permission to use, copy, modify, and distribute this software and its +documentation for any purpose and without fee is hereby granted, +provided that the above copyright notice appear in all copies and that +both that copyright notice and this permission notice appear in +supporting documentation, and that the name of Digital not be +used in advertising or publicity pertaining to distribution of the +software without specific, written prior permission. + +DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING +ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL +DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR +ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, +WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, +ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS +SOFTWARE. + +*/ --- end of LICENSE --- @@ -3325,7 +2815,7 @@ version 1.2.8, April 28th, 2013 - Copyright (C) 1995-2013 Jean-loup Gailly and Mark Adler + Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages @@ -3361,7 +2851,6 @@ Apache Xalan-Java 2.7.1 Apache Xerces Java 2.10.0 Apache XML Resolver 1.1 - Dynalink 0.5 --- begin of LICENSE ---
--- a/make/GenerateClasses.gmk Tue Jul 11 03:45:17 2017 +0100 +++ b/make/GenerateClasses.gmk Wed Jul 19 05:41:28 2017 +0100 @@ -78,14 +78,6 @@ RUN_V12 := true)) GENCLASSES += $(RMI_12) -$(eval $(call SetupRMICompilation,RMI_11, \ - CLASSES := sun.rmi.registry.RegistryImpl \ - sun.rmi.transport.DGCImpl, \ - CLASSES_DIR := $(CLASSES_DIR), \ - STUB_CLASSES_DIR := $(STUB_CLASSES_DIR), \ - RUN_V11 := true)) -GENCLASSES += $(RMI_11) - # For RMI/IIOP call rmic a second time with -standardPackage option # so that *_tie classes are generated in package without the prefix # org.omg.stub (6375696) @@ -112,7 +104,7 @@ ########################################################################################## -$(RMI_12) $(RMI_11) $(RMI_IIOP) $(RMI_SRC): $(BUILD_BOOTSTRAP_RMIC) +$(RMI_12) $(RMI_IIOP) $(RMI_SRC): $(BUILD_BOOTSTRAP_RMIC) $(RMIC_GENSRC_DIR)/_the.classes.removed: $(GENCLASSES) $(FIND) $(RMIC_GENSRC_DIR) -name "*.class" $(FIND_DELETE)
--- a/make/data/tzdata/VERSION Tue Jul 11 03:45:17 2017 +0100 +++ b/make/data/tzdata/VERSION Wed Jul 19 05:41:28 2017 +0100 @@ -21,4 +21,4 @@ # or visit www.oracle.com if you need additional information or have any # questions. # -tzdata2017a +tzdata2017b
--- a/make/data/tzdata/africa Tue Jul 11 03:45:17 2017 +0100 +++ b/make/data/tzdata/africa Wed Jul 19 05:41:28 2017 +0100 @@ -443,18 +443,25 @@ # See Africa/Johannesburg. # Liberia -# From Paul Eggert (2006-03-22): -# In 1972 Liberia was the last country to switch -# from a UTC offset that was not a multiple of 15 or 20 minutes. -# Howse reports that it was in honor of their president's birthday. -# Shank & Pottenger report the date as May 1, whereas Howse reports Jan; -# go with Shanks & Pottenger. -# For Liberia before 1972, Shanks & Pottenger report -0:44, whereas Howse and -# Whitman each report -0:44:30; go with the more precise figure. +# +# From Paul Eggert (2017-03-02): +# +# The Nautical Almanac for the Year 1970, p 264, is the source for -0:44:30. +# +# In 1972 Liberia was the last country to switch from a UTC offset +# that was not a multiple of 15 or 20 minutes. The 1972 change was on +# 1972-01-07, according to an entry dated 1972-01-04 on p 330 of: +# Presidential Papers: First year of the administration of +# President William R. Tolbert, Jr., July 23, 1971-July 31, 1972. +# Monrovia: Executive Mansion. +# +# Use the abbreviation "MMT" before 1972, as the more-accurate numeric +# abbreviation "-004430" would be one byte over the POSIX limit. +# # Zone NAME GMTOFF RULES FORMAT [UNTIL] Zone Africa/Monrovia -0:43:08 - LMT 1882 -0:43:08 - MMT 1919 Mar # Monrovia Mean Time - -0:44:30 - -004430 1972 May + -0:44:30 - MMT 1972 Jan 7 # approximately MMT 0:00 - GMT ###############################################################################
--- a/make/data/tzdata/iso3166.tab Tue Jul 11 03:45:17 2017 +0100 +++ b/make/data/tzdata/iso3166.tab Wed Jul 19 05:41:28 2017 +0100 @@ -32,8 +32,8 @@ # All text uses UTF-8 encoding. The columns of the table are as follows: # # 1. ISO 3166-1 alpha-2 country code, current as of -# ISO 3166-1 Newsletter VI-16 (2013-07-11). See: Updates on ISO 3166 -# http://www.iso.org/iso/home/standards/country_codes/updates_on_iso_3166.htm +# ISO 3166-1 N905 (2016-11-15). See: Updates on ISO 3166-1 +# http://isotc.iso.org/livelink/livelink/Open/16944257 # 2. The usual English name for the coded region, # chosen so that alphabetic sorting of subsets produces helpful lists. # This is not the same as the English name in the ISO 3166 tables.
--- a/make/data/tzdata/northamerica Tue Jul 11 03:45:17 2017 +0100 +++ b/make/data/tzdata/northamerica Wed Jul 19 05:41:28 2017 +0100 @@ -3162,6 +3162,12 @@ # http://www.vantbefinfo.com/changement-dheure-pas-pour-haiti/ # http://news.anmwe.com/haiti-lheure-nationale-ne-sera-ni-avancee-ni-reculee-cette-annee/ +# From Steffen Thorsen (2017-03-12): +# We have received 4 mails from different people telling that Haiti +# has started DST again today, and this source seems to confirm that, +# I have not been able to find a more authoritative source: +# https://www.haitilibre.com/en/news-20319-haiti-notices-time-change-in-haiti.html + # Rule NAME FROM TO TYPE IN ON AT SAVE LETTER/S Rule Haiti 1983 only - May 8 0:00 1:00 D Rule Haiti 1984 1987 - Apr lastSun 0:00 1:00 D @@ -3174,6 +3180,8 @@ Rule Haiti 2005 2006 - Oct lastSun 0:00 0 S Rule Haiti 2012 2015 - Mar Sun>=8 2:00 1:00 D Rule Haiti 2012 2015 - Nov Sun>=1 2:00 0 S +Rule Haiti 2017 max - Mar Sun>=8 2:00 1:00 D +Rule Haiti 2017 max - Nov Sun>=1 2:00 0 S # Zone NAME GMTOFF RULES FORMAT [UNTIL] Zone America/Port-au-Prince -4:49:20 - LMT 1890 -4:49 - PPMT 1917 Jan 24 12:00 # P-a-P MT
--- a/src/macosx/classes/sun/java2d/OSXOffScreenSurfaceData.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/macosx/classes/sun/java2d/OSXOffScreenSurfaceData.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -607,6 +607,13 @@ fImageInfoInt.put(kNeedToSyncFromJavaPixelsIndex, 1); // the pixels will change } + private void syncFromCustom() { + + } + + private void syncToCustom() { + + } // /** // * Invoked when the raster's contents will be taken (via the Raster.getDataBuffer() method) // */
--- a/src/macosx/classes/sun/lwawt/macosx/CPlatformWindow.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/macosx/classes/sun/lwawt/macosx/CPlatformWindow.java Wed Jul 19 05:41:28 2017 +0100 @@ -251,13 +251,18 @@ } AtomicLong ref = new AtomicLong(); contentView.execute(viewPtr -> { + boolean hasOwnerPtr = false; + if (owner != null) { - owner.execute(ownerPtr -> { + hasOwnerPtr = 0L != owner.executeGet(ownerPtr -> { ref.set(nativeCreateNSWindow(viewPtr, ownerPtr, styleBits, - bounds.x, bounds.y, - bounds.width, bounds.height)); + bounds.x, bounds.y, + bounds.width, bounds.height)); + return 1; }); - } else { + } + + if (!hasOwnerPtr) { ref.set(nativeCreateNSWindow(viewPtr, 0, styleBits, bounds.x, bounds.y, bounds.width, bounds.height));
--- a/src/macosx/native/sun/awt/ImageSurfaceData.m Tue Jul 11 03:45:17 2017 +0100 +++ b/src/macosx/native/sun/awt/ImageSurfaceData.m Wed Jul 19 05:41:28 2017 +0100 @@ -34,9 +34,6 @@ #import <JavaNativeFoundation/JavaNativeFoundation.h> #import "BufImgSurfaceData.h" -#import "ThreadUtilities.h" - - //#define DEBUG 1 #if defined DEBUG @@ -195,10 +192,9 @@ PRINT(" customPixelsFromJava") SurfaceDataOps *sdo = (SurfaceDataOps*)isdo; - JNFCallVoidMethod([ThreadUtilities getJNIEnv], sdo->sdObject, jm_syncFromCustom); // AWT_THREADING Safe (known object) + JNFCallVoidMethod(env, sdo->sdObject, jm_syncFromCustom); // AWT_THREADING Safe (known object) } - IMAGE_SURFACE_INLINE void copyBits(jint w, jint h, jint javaPixelsBytesPerRow, Pixel8bit *pixelsSrc, jint dstPixelsBytesPerRow, Pixel8bit *pixelsDst) { PRINT(" copyBits") @@ -427,7 +423,7 @@ PRINT(" customPixelsToJava") SurfaceDataOps *sdo = (SurfaceDataOps*)isdo; - JNFCallVoidMethod([ThreadUtilities getJNIEnv], sdo->sdObject, jm_syncToCustom); // AWT_THREADING Safe (known object) + JNFCallVoidMethod(env, sdo->sdObject, jm_syncToCustom); // AWT_THREADING Safe (known object) } IMAGE_SURFACE_INLINE void removeAlphaPre_32bit(jint w, jint h, jint javaPixelsBytesPerRow, jint javaPixelBytes, Pixel32bit *pixelsSrc) @@ -995,9 +991,9 @@ { PRINT("imageDataProvider_UnholdJavaPixels") - ImageSDOps* isdo = (ImageSDOps*)info; - unholdJavaPixels([ThreadUtilities getJNIEnv], isdo); + // Currently do nothing } + static void imageDataProvider_FreeTempPixels(void *info, const void *data, size_t size) { PRINT("imageDataProvider_FreeTempPixels")
--- a/src/share/classes/com/sun/accessibility/internal/resources/accessibility_sv.properties Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/com/sun/accessibility/internal/resources/accessibility_sv.properties Wed Jul 19 05:41:28 2017 +0100 @@ -93,7 +93,7 @@ resizable=storleks\u00E4ndringsbar selectable=valbar selected=vald -showing=visas +showing=visar singleline=en rad transient=tillf\u00E4llig visible=synlig
--- a/src/share/classes/com/sun/imageio/plugins/jpeg/JPEGImageReader.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/com/sun/imageio/plugins/jpeg/JPEGImageReader.java Wed Jul 19 05:41:28 2017 +0100 @@ -392,6 +392,17 @@ } } + private void skipPastImage(int imageIndex) { + cbLock.lock(); + try { + gotoImage(imageIndex); + skipImage(); + } catch (IOException | IndexOutOfBoundsException e) { + } finally { + cbLock.unlock(); + } + } + private int getNumImagesOnThread(boolean allowSearch) throws IOException { if (numImages != 0) { @@ -1233,7 +1244,8 @@ // Note that getData disables acceleration on buffer, but it is // just a 1-line intermediate data transfer buffer that will not // affect the acceleration of the resulting image. - aborted = readImage(structPointer, + aborted = readImage(imageIndex, + structPointer, buffer.getData(), numRasterBands, srcBands, @@ -1395,7 +1407,8 @@ /** * Returns <code>true</code> if the read was aborted. */ - private native boolean readImage(long structPointer, + private native boolean readImage(int imageIndex, + long structPointer, byte [] buffer, int numRasterBands, int [] srcBands,
--- a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsRootPaneUI.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsRootPaneUI.java Wed Jul 19 05:41:28 2017 +0100 @@ -165,8 +165,11 @@ } public boolean postProcessKeyEvent(KeyEvent ev) { - if(ev.isConsumed()) { - // do not manage consumed event + if(ev.isConsumed() && ev.getKeyCode() != KeyEvent.VK_ALT) { + // mnemonic combination, it's consumed, but we need + // set altKeyPressed to false, otherwise after selection + // component by mnemonic combination a menu will be open + altKeyPressed = false; return false; } if (ev.getKeyCode() == KeyEvent.VK_ALT) {
--- a/src/share/classes/com/sun/jndi/ldap/LdapClient.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/com/sun/jndi/ldap/LdapClient.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1233,6 +1233,7 @@ static final int LDAP_REF_FOLLOW = 0x01; // follow referrals static final int LDAP_REF_THROW = 0x02; // throw referral ex. static final int LDAP_REF_IGNORE = 0x03; // ignore referrals + static final int LDAP_REF_FOLLOW_SCHEME = 0x04; // follow referrals of the same scheme static final String LDAP_URL = "ldap://"; // LDAPv3 static final String LDAPS_URL = "ldaps://"; // LDAPv3
--- a/src/share/classes/com/sun/jndi/ldap/LdapCtx.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/com/sun/jndi/ldap/LdapCtx.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -2413,6 +2413,9 @@ // First determine the referral mode if (ref != null) { switch (ref) { + case "follow-scheme": + handleReferrals = LdapClient.LDAP_REF_FOLLOW_SCHEME; + break; case "follow": handleReferrals = LdapClient.LDAP_REF_FOLLOW; break; @@ -2975,8 +2978,23 @@ r = new LdapReferralException(resolvedName, resolvedObj, remainName, msg, envprops, fullDN, handleReferrals, reqCtls); // only one set of URLs is present - r.setReferralInfo(res.referrals == null ? null : - res.referrals.elementAt(0), false); + Vector<String> refs; + if (res.referrals == null) { + refs = null; + } else if (handleReferrals == LdapClient.LDAP_REF_FOLLOW_SCHEME) { + refs = new Vector<>(); + for (String s : res.referrals.elementAt(0)) { + if (s.startsWith("ldap:")) { + refs.add(s); + } + } + if (refs.isEmpty()) { + refs = null; + } + } else { + refs = res.referrals.elementAt(0); + } + r.setReferralInfo(refs, false); if (hopCount > 1) { r.setHopCount(hopCount);
--- a/src/share/classes/com/sun/jndi/ldap/LdapReferralException.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/com/sun/jndi/ldap/LdapReferralException.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -117,7 +117,8 @@ // If following referral, request controls are passed to referral ctx this.reqCtls = - (handleReferrals == LdapClient.LDAP_REF_FOLLOW ? reqCtls : null); + (handleReferrals == LdapClient.LDAP_REF_FOLLOW || + handleReferrals == LdapClient.LDAP_REF_FOLLOW_SCHEME ? reqCtls : null); } /**
--- a/src/share/classes/com/sun/management/HotSpotDiagnosticMXBean.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/com/sun/management/HotSpotDiagnosticMXBean.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -63,9 +63,10 @@ * @param outputFile the system-dependent filename * @param live if <tt>true</tt> dump only <i>live</i> objects * i.e. objects that are reachable from others - * @throws IOException if the <tt>outputFile</tt> + * @throws IOException if the <tt>outputFile</tt> already exists, * cannot be created, opened, or written to. * @throws UnsupportedOperationException if this operation is not supported. + * @throws IllegalArgumentException if <tt>outputFile</tt> does not end with ".hprof" suffix. * @throws NullPointerException if <tt>outputFile</tt> is <tt>null</tt>. * @throws SecurityException * If a security manager exists and its {@link
--- a/src/share/classes/java/lang/invoke/LambdaFormEditor.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/java/lang/invoke/LambdaFormEditor.java Wed Jul 19 05:41:28 2017 +0100 @@ -808,9 +808,9 @@ System.arraycopy(lambdaForm.names, skip + outArgs, names2, skip + inTypes, bodyLength); int arity2 = names2.length - bodyLength; int result2 = lambdaForm.result; - if (result2 >= 0) { + if (result2 >= skip) { if (result2 < skip + outArgs) { - result2 = reorder[result2 - skip]; + result2 = reorder[result2 - skip] + skip; } else { result2 = result2 - outArgs + inTypes; }
--- a/src/share/classes/java/rmi/activation/ActivationID.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/java/rmi/activation/ActivationID.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -40,6 +40,12 @@ import java.rmi.server.RemoteObjectInvocationHandler; import java.rmi.server.RemoteRef; import java.rmi.server.UID; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.Permissions; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; +import java.security.ProtectionDomain; /** * Activation makes use of special identifiers to denote remote @@ -81,6 +87,14 @@ /** indicate compatibility with the Java 2 SDK v1.2 version of class */ private static final long serialVersionUID = -4608673054848209235L; + /** an AccessControlContext with no permissions */ + private static final AccessControlContext NOPERMS_ACC; + static { + Permissions perms = new Permissions(); + ProtectionDomain[] pd = { new ProtectionDomain(null, perms) }; + NOPERMS_ACC = new AccessControlContext(pd); + } + /** * The constructor for <code>ActivationID</code> takes a single * argument, activator, that specifies a remote reference to the @@ -116,13 +130,19 @@ try { MarshalledObject<? extends Remote> mobj = activator.activate(this, force); - return mobj.get(); - } catch (RemoteException e) { - throw e; - } catch (IOException e) { - throw new UnmarshalException("activation failed", e); - } catch (ClassNotFoundException e) { - throw new UnmarshalException("activation failed", e); + return AccessController.doPrivileged( + new PrivilegedExceptionAction<Remote>() { + public Remote run() throws IOException, ClassNotFoundException { + return mobj.get(); + } + }, NOPERMS_ACC); + } catch (PrivilegedActionException pae) { + Exception ex = pae.getException(); + if (ex instanceof RemoteException) { + throw (RemoteException) ex; + } else { + throw new UnmarshalException("activation failed", ex); + } } }
--- a/src/share/classes/java/security/CodeSource.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/java/security/CodeSource.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -535,6 +535,7 @@ { CertificateFactory cf; Hashtable<String, CertificateFactory> cfs = null; + List<java.security.cert.Certificate> certList = null; ois.defaultReadObject(); // location @@ -544,7 +545,7 @@ // we know of 3 different cert types: X.509, PGP, SDSI, which // could all be present in the stream at the same time cfs = new Hashtable<String, CertificateFactory>(3); - this.certs = new java.security.cert.Certificate[size]; + certList = new ArrayList<>(size > 20 ? 20 : size); } for (int i = 0; i < size; i++) { @@ -575,13 +576,17 @@ ois.readFully(encoded); ByteArrayInputStream bais = new ByteArrayInputStream(encoded); try { - this.certs[i] = cf.generateCertificate(bais); + certList.add(cf.generateCertificate(bais)); } catch (CertificateException ce) { throw new IOException(ce.getMessage()); } bais.close(); } + if (certList != null) { + this.certs = certList.toArray( + new java.security.cert.Certificate[size]); + } // Deserialize array of code signers (if any) try { this.signers = ((CodeSigner[])ois.readObject()).clone();
--- a/src/share/classes/java/util/concurrent/ThreadPoolExecutor.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/java/util/concurrent/ThreadPoolExecutor.java Wed Jul 19 05:41:28 2017 +0100 @@ -34,6 +34,10 @@ */ package java.util.concurrent; + +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.concurrent.locks.AbstractQueuedSynchronizer; import java.util.concurrent.locks.Condition; import java.util.concurrent.locks.ReentrantLock; @@ -569,6 +573,9 @@ private static final RuntimePermission shutdownPerm = new RuntimePermission("modifyThread"); + /* The context to be used when executing the finalizer, or null. */ + private final AccessControlContext acc; + /** * Class Worker mainly maintains interrupt control state for * threads running tasks, along with other minor bookkeeping. @@ -1307,6 +1314,9 @@ throw new IllegalArgumentException(); if (workQueue == null || threadFactory == null || handler == null) throw new NullPointerException(); + this.acc = System.getSecurityManager() == null ? + null : + AccessController.getContext(); this.corePoolSize = corePoolSize; this.maximumPoolSize = maximumPoolSize; this.workQueue = workQueue; @@ -1474,7 +1484,13 @@ * referenced and it has no threads. */ protected void finalize() { - shutdown(); + SecurityManager sm = System.getSecurityManager(); + if (sm == null || acc == null) { + shutdown(); + } else { + PrivilegedAction<Void> pa = () -> { shutdown(); return null; }; + AccessController.doPrivileged(pa, acc); + } } /**
--- a/src/share/classes/java/util/jar/JarVerifier.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/java/util/jar/JarVerifier.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -180,10 +180,12 @@ // only set the jev object for entries that have a signature // (either verified or not) - if (sigFileSigners.get(name) != null || - verifiedSigners.get(name) != null) { - mev.setEntry(name, je); - return; + if (!name.equals(JarFile.MANIFEST_NAME)) { + if (sigFileSigners.get(name) != null || + verifiedSigners.get(name) != null) { + mev.setEntry(name, je); + return; + } } // don't compute the digest for this entry
--- a/src/share/classes/javax/imageio/spi/ServiceRegistry.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/javax/imageio/spi/ServiceRegistry.java Wed Jul 19 05:41:28 2017 +0100 @@ -26,6 +26,9 @@ package javax.imageio.spi; import java.io.File; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.HashMap; import java.util.Iterator; @@ -701,11 +704,12 @@ Class category; - // Provider Objects organized by partial oridering - PartiallyOrderedSet poset = new PartiallyOrderedSet(); + // Provider Objects organized by partial ordering + final PartiallyOrderedSet poset = new PartiallyOrderedSet(); // Class -> Provider Object of that class - Map<Class<?>,Object> map = new HashMap(); + final Map<Class<?>,Object> map = new HashMap(); + final Map<Class<?>,AccessControlContext> accMap = new HashMap<>(); public SubRegistry(ServiceRegistry registry, Class category) { this.registry = registry; @@ -720,6 +724,7 @@ deregisterServiceProvider(oprovider); } map.put(provider.getClass(), provider); + accMap.put(provider.getClass(), AccessController.getContext()); poset.add(provider); if (provider instanceof RegisterableService) { RegisterableService rs = (RegisterableService)provider; @@ -739,6 +744,7 @@ if (provider == oprovider) { map.remove(provider.getClass()); + accMap.remove(provider.getClass()); poset.remove(provider); if (provider instanceof RegisterableService) { RegisterableService rs = (RegisterableService)provider; @@ -785,10 +791,17 @@ if (provider instanceof RegisterableService) { RegisterableService rs = (RegisterableService)provider; - rs.onDeregistration(registry, category); + AccessControlContext acc = accMap.get(provider.getClass()); + if (acc != null || System.getSecurityManager() == null) { + AccessController.doPrivileged((PrivilegedAction<Void>) () -> { + rs.onDeregistration(registry, category); + return null; + }, acc); + } } } poset.clear(); + accMap.clear(); } public void finalize() {
--- a/src/share/classes/javax/naming/directory/BasicAttribute.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/javax/naming/directory/BasicAttribute.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -515,7 +515,7 @@ throws java.io.IOException, ClassNotFoundException { s.defaultReadObject(); // read in the attrID int n = s.readInt(); // number of values - values = new Vector<>(n); + values = new Vector<>(Math.min(1024, n)); while (--n >= 0) { values.addElement(s.readObject()); }
--- a/src/share/classes/sun/awt/image/ImageWatched.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/awt/image/ImageWatched.java Wed Jul 19 05:41:28 2017 +0100 @@ -29,6 +29,10 @@ import java.awt.Image; import java.awt.image.ImageObserver; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.PrivilegedAction; + public abstract class ImageWatched { public static Link endlink = new Link(); @@ -85,16 +89,26 @@ } } + static class AccWeakReference<T> extends WeakReference<T> { + + private final AccessControlContext acc; + + AccWeakReference(T ref) { + super(ref); + acc = AccessController.getContext(); + } + } + /* * Standard Link implementation to manage a Weak Reference * to an ImageObserver. */ public static class WeakLink extends Link { - private WeakReference<ImageObserver> myref; + private final AccWeakReference<ImageObserver> myref; private Link next; public WeakLink(ImageObserver obs, Link next) { - myref = new WeakReference<ImageObserver>(obs); + myref = new AccWeakReference<ImageObserver>(obs); this.next = next; } @@ -120,6 +134,19 @@ return this; } + private static boolean update(ImageObserver iw, AccessControlContext acc, + Image img, int info, + int x, int y, int w, int h) { + + if (acc != null || System.getSecurityManager() != null) { + return AccessController.doPrivileged( + (PrivilegedAction<Boolean>) () -> { + return iw.imageUpdate(img, info, x, y, w, h); + }, acc); + } + return false; + } + public boolean newInfo(Image img, int info, int x, int y, int w, int h) { @@ -129,7 +156,7 @@ if (myiw == null) { // My referent is null so we must prune in a second pass. ret = true; - } else if (myiw.imageUpdate(img, info, x, y, w, h) == false) { + } else if (update(myiw, myref.acc, img, info, x, y, w, h) == false) { // My referent has lost interest so clear it and ask // for a pruning pass to remove it later. myref.clear();
--- a/src/share/classes/sun/awt/resources/awt_sv.properties Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/awt/resources/awt_sv.properties Wed Jul 19 05:41:28 2017 +0100 @@ -71,7 +71,7 @@ AWT.f22=F22 AWT.f23=F23 AWT.f24=F24 -AWT.printScreen=Print Screen +AWT.printScreen=Sk\u00E4rmutskrift AWT.insert=Insert AWT.help=Hj\u00E4lp AWT.windows=Windows
--- a/src/share/classes/sun/launcher/resources/launcher_es.properties Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/launcher/resources/launcher_es.properties Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ # -# Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -34,7 +34,7 @@ java.launcher.ergo.message2 =\ porque la ejecuci\u00F3n se est\u00E1 llevando a cabo en una m\u00E1quina de clase de servidor.\n # Translators please note do not translate the options themselves -java.launcher.opt.footer =\ -cp <ruta de acceso de b\u00FAsqueda de clases de los directorios y los archivos zip/jar>\n -classpath <ruta de acceso de b\u00FAsqueda de clases de los directorios y los archivos zip/jar>\n Lista separada por {0} de directorios, archivos JAR\n y archivos ZIP para buscar archivos de clase.\n -D<nombre>=<valor>\n definir una propiedad del sistema\n -verbose:[class|gc|jni]\n activar la salida verbose\n -version imprimir la versi\u00F3n del producto y salir\n -version:<valor>\n Advertencia: Esta funci\u00F3n est\u00E1 anticuada y se eliminar\u00E1\n en una versi\u00F3n futura.\n es necesario que se ejecute la versi\u00F3n especificada\n -showversion imprimir la versi\u00F3n del producto y continuar\n -jre-restrict-search | -no-jre-restrict-search\n Advertencia: Esta funci\u00F3n est\u00E1 anticuada y se eliminar\u00E1\n en una versi\u00F3n futura.\n incluir/excluir JRE privados de usuario en la b\u00FAsqueda de versi\u00F3n\n -? -help imprimir este mensaje de ayuda\n -X imprimir la ayuda sobre las opciones que no sean est\u00E1ndar\n -ea[:<nombre_paquete>...|:<nombre_clase>]\n -enableassertions[:<nombre_paquete>...|:<nombre_clase>]\n activar afirmaciones con la granularidad especificada\n -da[:<nombre_paquete>...|:<nombre_clase>]\n -disableassertions[:<nombre_paquete>...|:<nombre_clase>]\n desactivar afirmaciones con la granularidad especificada\n -esa | -enablesystemassertions\n activar afirmaciones del sistema\n -dsa | -disablesystemassertions\n desactivar afirmaciones del sistema\n -agentlib:<nombre_bib>[=<opciones>]\n cargar la biblioteca de agente nativa <nombre_bib>, como -agentlib:hprof\n v\u00E9ase tambi\u00E9n -agentlib:jdwp=help y -agentlib:hprof=help\n -agentpath:<nombre_ruta_acceso>[=<opciones>]\n cargar biblioteca de agente nativa con el nombre de la ruta de acceso completa\n -javaagent:<ruta_acceso_jar>[=<opciones>]\n cargar agente de lenguaje de programaci\u00F3n Java, v\u00E9ase java.lang.instrument\n -splash:<ruta_acceso_imagen>\n mostrar una pantalla de presentaci\u00F3n con la imagen especificada\nConsulte http://www.oracle.com/technetwork/java/javase/documentation/index.html para obtener m\u00E1s informaci\u00F3n. +java.launcher.opt.footer =\ -cp <ruta de acceso de b\u00FAsqueda de clases de los directorios y los archivos zip/jar>\n -classpath <ruta de acceso de b\u00FAsqueda de clases de los directorios y los archivos zip/jar>\n Lista separada por {0} de directorios, archivos JAR\n y archivos ZIP para buscar archivos de clase.\n -D<nombre>=<valor>\n definir una propiedad del sistema\n -verbose:[class|gc|jni]\n activar la salida verbose\n -version imprimir la versi\u00F3n del producto y salir\n -version:<valor>\n Advertencia: Esta funci\u00F3n est\u00E1 anticuada y se eliminar\u00E1\n en una versi\u00F3n futura.\n es necesario que se ejecute la versi\u00F3n especificada\n -showversion imprimir la versi\u00F3n del producto y continuar\n -jre-restrict-search | -no-jre-restrict-search\n Advertencia: Esta funci\u00F3n est\u00E1 anticuada y se eliminar\u00E1\n en una versi\u00F3n futura.\n incluir/excluir JRE privados de usuario en la b\u00FAsqueda de versi\u00F3n\n -? -help imprimir este mensaje de ayuda\n -X imprimir la ayuda sobre las opciones que no sean est\u00E1ndar\n -ea[:<nombre paquete>...|:<nombre clase>]\n -enableassertions[:<nombre paquete>...|:<nombre clase>]\n activar afirmaciones con la granularidad especificada\n -da[:<nombre paquete>...|:<nombre clase>]\n -disableassertions[:<nombre paquete>...|:<nombre clase>]\n desactivar afirmaciones con la granularidad especificada\n -esa | -enablesystemassertions\n activar afirmaciones del sistema\n -dsa | -disablesystemassertions\n desactivar afirmaciones del sistema\n -agentlib:<nombre bib>[=<opciones>]\n cargar la biblioteca de agente nativa <nombre bib>, como -agentlib:hprof\n v\u00E9ase tambi\u00E9n -agentlib:jdwp=help y -agentlib:hprof=help\n -agentpath:<nombre ruta acceso>[=<opciones>]\n cargar biblioteca de agente nativa con el nombre de la ruta de acceso completa\n -javaagent:<ruta acceso jar>[=<opciones>]\n cargar agente de lenguaje de programaci\u00F3n Java, v\u00E9ase java.lang.instrument\n -splash:<ruta acceso imagen>\n mostrar una pantalla de presentaci\u00F3n con la imagen especificada\nConsulte http://www.oracle.com/technetwork/java/javase/documentation/index.html para obtener m\u00E1s informaci\u00F3n. # Translators please note do not translate the options themselves java.launcher.X.usage=\ -Xmixed ejecuci\u00F3n de modo mixto (por defecto)\n -Xint s\u00F3lo ejecuci\u00F3n de modo interpretado\n -Xbootclasspath:<directorios y archivos zip/jar separados por {0}>\n definir la ruta de acceso de b\u00FAsqueda para los recursos y clases de inicializaci\u00F3n de datos\n -Xbootclasspath/a:<directorios y archivos zip/jar separados por {0}>\n agregar al final de la ruta de acceso de la clase de inicializaci\u00F3n de datos\n -Xbootclasspath/p:<directorios y archivos zip/jar separados por {0}>\n anteponer a la ruta de acceso de la clase de inicializaci\u00F3n de datos\n -Xdiag mostrar mensajes de diagn\u00F3stico adicionales\n -Xnoclassgc desactivar la recolecci\u00F3n de basura de clases\n -Xincgc activar la recolecci\u00F3n de basura de clases\n -Xloggc:<archivo> registrar el estado de GC en un archivo con registros de hora\n -Xbatch desactivar compilaci\u00F3n en segundo plano\n -Xms<tama\u00F1o> definir tama\u00F1o de pila Java inicial\n -Xmx<tama\u00F1o> definir tama\u00F1o de pila Java m\u00E1ximo\n -Xss<tama\u00F1o> definir tama\u00F1o de la pila del thread de Java\n -Xprof datos de salida de creaci\u00F3n de perfil de CPU\n -Xfuture activar las comprobaciones m\u00E1s estrictas, anticip\u00E1ndose al futuro valor por defecto\n -Xrs reducir el uso de se\u00F1ales de sistema operativo por parte de Java/VM (consulte la documentaci\u00F3n)\n -Xcheck:jni realizar comprobaciones adicionales para las funciones de JNI\n -Xshare:off no intentar usar datos de clase compartidos\n -Xshare:auto usar datos de clase compartidos si es posible (valor por defecto)\n -Xshare:on es obligatorio el uso de datos de clase compartidos, de lo contrario se emitir\u00E1 un fallo.\n -XshowSettings mostrar todos los valores y continuar\n -XshowSettings:all\n mostrar todos los valores y continuar\n -XshowSettings:vm mostrar todos los valores de la VM y continuar\n -XshowSettings:properties\n mostrar todos los valores de las propiedades y continuar\n -XshowSettings:locale\n mostrar todos los valores relacionados con la configuraci\u00F3n regional y continuar\n\nLas opciones -X no son est\u00E1ndar, por lo que podr\u00EDan cambiarse sin previo aviso.\n
--- a/src/share/classes/sun/launcher/resources/launcher_sv.properties Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/launcher/resources/launcher_sv.properties Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ # -# Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -37,7 +37,7 @@ java.launcher.opt.footer =\ -cp <class search path of directories and zip/jar files>\n -classpath <class search path of directories and zip/jar files>\n En lista \u00F6ver kataloger, JAR-arkiv och och ZIP-arkiv\n f\u00F6r s\u00F6kning efter klassfiler avgr\u00E4nsad med {0}.\n -D<name>=<value>\n ange en systemegenskap\n -verbose:[class|gc|jni]\n aktivera utf\u00F6rliga utdata\n -version skriv ut produktversion och avsluta\n -version:<value>\n Varning: den h\u00E4r funktionen \u00E4r inaktuell och kommer\n att tas bort i en framtida utg\u00E5va.\n kr\u00E4v den angivna versionen f\u00F6r att k\u00F6ra\n -showversion skriv ut produktversion och forts\u00E4tt\n -jre-restrict-search | -no-jre-restrict-search\n Varning: den h\u00E4r funktionen \u00E4r inaktuell och kommer\n att tas bort i en framtida utg\u00E5va.\n inkludera/exkludera anv\u00E4ndarprivata JRE:er i versionss\u00F6kningen\n -? -help skriv ut det h\u00E4r hj\u00E4lpmeddelandet\n -X skriv ut hj\u00E4lp f\u00F6r icke-standardalternativ\n -ea[:<packagename>...|:<classname>]\n -enableassertions[:<packagename>...|:<classname>]\n aktivera verifieringar med den angivna detaljgraden\n -da[:<packagename>...|:<classname>]\n -disableassertions[:<packagename>...|:<classname>]\n avaktivera verifieringar med den angivna detaljgraden\n -esa | -enablesystemassertions\n aktivera systemverifieringar\n -dsa | -disablesystemassertions\n avaktivera systemverifieringar\n -agentlib:<libname>[=<options>]\n ladda det ursprungliga agentbiblioteket <libname>, t.ex. -agentlib:hprof\n se \u00E4ven -agentlib:jdwp=help och -agentlib:hprof=help\n -agentpath:<pathname>[=<options>]\n ladda det ursprungliga agentbiblioteket med det fullst\u00E4ndiga s\u00F6kv\u00E4gsnamnet\n -javaagent:<jarpath>[=<options>]\n ladda agenten f\u00F6r programmeringsspr\u00E5ket Java, se java.lang.instrument\n -splash:<imagepath>\n visa v\u00E4lkomstsk\u00E4rmen med den angivna bilden\nMer information finns p\u00E5 http://www.oracle.com/technetwork/java/javase/documentation/index.html. # Translators please note do not translate the options themselves -java.launcher.X.usage=\ -Xmixed k\u00F6rning i blandat l\u00E4ge (standard)\n -Xint endast k\u00F6rning i tolkat l\u00E4ge\n -Xbootclasspath:<kataloger och zip-/jar-filer avgr\u00E4nsas med {0}>\n ange s\u00F6kv\u00E4g f\u00F6r programladdningsklasser och -resurser\n -Xbootclasspath/a:<kataloger och zip-/jar-filer avgr\u00E4nsas med {0}>\n l\u00E4gg till i slutet av programladdningsklassens s\u00F6kv\u00E4g\n -Xbootclasspath/p:<kataloger och zip-/jar-filer avgr\u00E4nsas med {0}>\n l\u00E4gg till i b\u00F6rjan av programladdningsklassens s\u00F6kv\u00E4g\n -Xdiag visa ytterligare diagnostiska meddelanden\n -Xnoclassgc avaktivera klassens skr\u00E4pinsamling\n -Xincgc aktivera inkrementell skr\u00E4pinsamling\n -Xloggc:<fil> logga GC-status till en fil med tidsst\u00E4mplar\n -Xbatch avaktivera bakgrundskompilering\n -Xms<storlek> ange ursprunglig storlek f\u00F6r Java-heap\n -Xmx<storlek> ange maximal storlek f\u00F6r Java-heap\n -Xss<storlek> ange storlek f\u00F6r java-tr\u00E5dsstack\n -Xprof utdata f\u00F6r processorprofilering\n -Xfuture aktivera str\u00E4ngaste kontroller, f\u00F6rv\u00E4ntad framtida standard\n -Xrs minska OS-signalanv\u00E4ndning av Java/VM (se dokumentation)\n -Xcheck:jni utf\u00F6r ytterligare kontroller f\u00F6r JNI-funktioner\n -Xshare:off anv\u00E4nd inte delade klassdata\n -Xshare:auto anv\u00E4nd delade klassdata om det g\u00E5r (standard)\n -Xshare:on kr\u00E4v att delade klassdata anv\u00E4nds, annars slutf\u00F6r inte.\n -XshowSettings visa alla inst\u00E4llningar och forts\u00E4tt\n -XshowSettings:all\n visa alla inst\u00E4llningar och forts\u00E4tt\n -XshowSettings:vm visa alla vm-relaterade inst\u00E4llningar och forts\u00E4tt\n -XshowSettings:properties\n visa alla egenskapsinst\u00E4llningar och forts\u00E4tt\n -XshowSettings:locale\n visa alla spr\u00E5krelaterade inst\u00E4llningar och forts\u00E4tt\n\n-X-alternativen \u00E4r inte standard och kan \u00E4ndras utan f\u00F6reg\u00E5ende meddelande.\n +java.launcher.X.usage=\ -Xmixed exekvering i blandat l\u00E4ge (standard)\n -Xint endast exekvering i tolkat l\u00E4ge\n -Xbootclasspath:<kataloger och zip-/jar-filer avgr\u00E4nsas med {0}>\n ange s\u00F6kv\u00E4g f\u00F6r programladdningsklasser och -resurser\n -Xbootclasspath/a:<kataloger och zip-/jar-filer avgr\u00E4nsas med {0}>\n l\u00E4gg till i slutet av programladdningsklassens s\u00F6kv\u00E4g\n -Xbootclasspath/p:<kataloger och zip-/jar-filer avgr\u00E4nsas med {0}>\n l\u00E4gg till i b\u00F6rjan av programladdningsklassens s\u00F6kv\u00E4g\n -Xdiag visa ytterligare diagnostiska meddelanden\n -Xnoclassgc avaktivera klassens skr\u00E4pinsamling\n -Xincgc aktivera inkrementell skr\u00E4pinsamling\n -Xloggc:<fil> logga GC-status till en fil med tidsst\u00E4mplar\n -Xbatch avaktivera bakgrundskompilering\n -Xms<storlek> ange ursprunglig storlek f\u00F6r Java-heap\n -Xmx<storlek> ange maximal storlek f\u00F6r Java-heap\n -Xss<storlek> ange storlek f\u00F6r java-tr\u00E5dsstack\n -Xprof utdata f\u00F6r processorprofilering\n -Xfuture aktivera str\u00E4ngaste kontroller, f\u00F6rv\u00E4ntad framtida standard\n -Xrs minska OS-signalanv\u00E4ndning av Java/VM (se dokumentation)\n -Xcheck:jni utf\u00F6r ytterligare kontroller f\u00F6r JNI-funktioner\n -Xshare:off anv\u00E4nd inte delade klassdata\n -Xshare:auto anv\u00E4nd delade klassdata om det g\u00E5r (standard)\n -Xshare:on kr\u00E4v att delade klassdata anv\u00E4nds, annars slutf\u00F6r inte.\n -XshowSettings visa alla inst\u00E4llningar och forts\u00E4tt\n -XshowSettings:all\n visa alla inst\u00E4llningar och forts\u00E4tt\n -XshowSettings:vm visa alla vm-relaterade inst\u00E4llningar och forts\u00E4tt\n -XshowSettings:properties\n visa alla egenskapsinst\u00E4llningar och forts\u00E4tt\n -XshowSettings:locale\n visa alla spr\u00E5krelaterade inst\u00E4llningar och forts\u00E4tt\n\n-X-alternativen \u00E4r inte standard och kan \u00E4ndras utan f\u00F6reg\u00E5ende meddelande.\n # Translators please note do not translate the options themselves java.launcher.X.macosx.usage=\nF\u00F6ljande alternativ \u00E4r specifika f\u00F6r Mac OS X:\n -XstartOnFirstThread\n k\u00F6r huvudmetoden() p\u00E5 den f\u00F6rsta (AppKit) tr\u00E5den\n -Xdock:name=<application name>"\n \u00E5sidosatt standardapplikationsnamn visas i docka\n -Xdock:icon=<path to icon file>\n \u00E5sidosatt standardikon visas i docka\n\n
--- a/src/share/classes/sun/management/HotSpotDiagnostic.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/management/HotSpotDiagnostic.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,6 +32,8 @@ import com.sun.management.HotSpotDiagnosticMXBean; import com.sun.management.VMOption; +import java.security.AccessController; +import java.security.PrivilegedAction; /** * Implementation of the diagnostic MBean for Hotspot VM. @@ -41,6 +43,14 @@ } public void dumpHeap(String outputFile, boolean live) throws IOException { + + String propertyName = "jdk.management.heapdump.allowAnyFileSuffix"; + PrivilegedAction<Boolean> pa = () -> Boolean.parseBoolean(System.getProperty(propertyName, "false")); + boolean allowAnyFileSuffix = AccessController.doPrivileged(pa); + if (!allowAnyFileSuffix && !outputFile.endsWith(".hprof")) { + throw new IllegalArgumentException("heapdump file must have .hprof extention"); + } + SecurityManager security = System.getSecurityManager(); if (security != null) { security.checkWrite(outputFile);
--- a/src/share/classes/sun/management/LazyCompositeData.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/management/LazyCompositeData.java Wed Jul 19 05:41:28 2017 +0100 @@ -27,6 +27,7 @@ import java.io.Serializable; import java.util.*; +import javax.management.openmbean.ArrayType; import javax.management.openmbean.CompositeData; import javax.management.openmbean.CompositeType; import javax.management.openmbean.OpenType; @@ -48,39 +49,48 @@ private CompositeData compositeData; // Implementation of the CompositeData interface + @Override public boolean containsKey(String key) { return compositeData().containsKey(key); } + @Override public boolean containsValue(Object value) { return compositeData().containsValue(value); } + @Override public boolean equals(Object obj) { return compositeData().equals(obj); } + @Override public Object get(String key) { return compositeData().get(key); } + @Override public Object[] getAll(String[] keys) { return compositeData().getAll(keys); } + @Override public CompositeType getCompositeType() { return compositeData().getCompositeType(); } + @Override public int hashCode() { return compositeData().hashCode(); } + @Override public String toString() { /** FIXME: What should this be?? */ return compositeData().toString(); } + @Override public Collection<?> values() { return compositeData().values(); } @@ -126,27 +136,31 @@ if (cd == null) throw new IllegalArgumentException("Null CompositeData"); - return ((Boolean) cd.get(itemName)).booleanValue(); + return ((Boolean) cd.get(itemName)); } static long getLong(CompositeData cd, String itemName) { if (cd == null) throw new IllegalArgumentException("Null CompositeData"); - return ((Long) cd.get(itemName)).longValue(); + return ((Long) cd.get(itemName)); } static int getInt(CompositeData cd, String itemName) { if (cd == null) throw new IllegalArgumentException("Null CompositeData"); - return ((Integer) cd.get(itemName)).intValue(); + return ((Integer) cd.get(itemName)); } /** * Compares two CompositeTypes and returns true if * all items in type1 exist in type2 and their item types * are the same. + * @param type1 the base composite type + * @param type2 the checked composite type + * @return {@code true} if all items in type1 exist in type2 and their item + * types are the same. */ protected static boolean isTypeMatched(CompositeType type1, CompositeType type2) { if (type1 == type2) return true; @@ -159,24 +173,9 @@ if (!type2.keySet().containsAll(allItems)) return false; - for (String item: allItems) { - OpenType<?> ot1 = type1.getType(item); - OpenType<?> ot2 = type2.getType(item); - if (ot1 instanceof CompositeType) { - if (! (ot2 instanceof CompositeType)) - return false; - if (!isTypeMatched((CompositeType) ot1, (CompositeType) ot2)) - return false; - } else if (ot1 instanceof TabularType) { - if (! (ot2 instanceof TabularType)) - return false; - if (!isTypeMatched((TabularType) ot1, (TabularType) ot2)) - return false; - } else if (!ot1.equals(ot2)) { - return false; - } - } - return true; + return allItems.stream().allMatch( + item -> isTypeMatched(type1.getType(item), type2.getType(item)) + ); } protected static boolean isTypeMatched(TabularType type1, TabularType type2) { @@ -192,5 +191,41 @@ return isTypeMatched(type1.getRowType(), type2.getRowType()); } + protected static boolean isTypeMatched(ArrayType<?> type1, ArrayType<?> type2) { + if (type1 == type2) return true; + + int dim1 = type1.getDimension(); + int dim2 = type2.getDimension(); + + // check if the array dimensions are the same + if (dim1 != dim2) + return false; + + return isTypeMatched(type1.getElementOpenType(), type2.getElementOpenType()); + } + + private static boolean isTypeMatched(OpenType<?> ot1, OpenType<?> ot2) { + if (ot1 instanceof CompositeType) { + if (! (ot2 instanceof CompositeType)) + return false; + if (!isTypeMatched((CompositeType) ot1, (CompositeType) ot2)) + return false; + } else if (ot1 instanceof TabularType) { + if (! (ot2 instanceof TabularType)) + return false; + if (!isTypeMatched((TabularType) ot1, (TabularType) ot2)) + return false; + } else if (ot1 instanceof ArrayType) { + if (! (ot2 instanceof ArrayType)) + return false; + if (!isTypeMatched((ArrayType<?>) ot1, (ArrayType<?>) ot2)) { + return false; + } + } else if (!ot1.equals(ot2)) { + return false; + } + return true; + } + private static final long serialVersionUID = -2190411934472666714L; }
--- a/src/share/classes/sun/management/jmxremote/SingleEntryRegistry.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/management/jmxremote/SingleEntryRegistry.java Wed Jul 19 05:41:28 2017 +0100 @@ -32,6 +32,7 @@ package sun.management.jmxremote; +import sun.misc.ObjectInputFilter; import java.rmi.AccessException; import java.rmi.NotBoundException; import java.rmi.Remote; @@ -56,7 +57,7 @@ String name, Remote object) throws RemoteException { - super(port, csf, ssf); + super(port, csf, ssf, SingleEntryRegistry::singleRegistryFilter); this.name = name; this.object = object; } @@ -84,6 +85,23 @@ throw new AccessException("Cannot modify this registry"); } + /** + * ObjectInputFilter to check parameters to SingleEntryRegistry. + * Since it is a read-only Registry, no classes are accepted. + * String arguments are accepted without passing them to the serialFilter. + * + * @param info a reference to the serialization filter information + * @return Status.REJECTED if parameters are out of range + */ + private static ObjectInputFilter.Status singleRegistryFilter(ObjectInputFilter.FilterInfo info) { + return (info.serialClass() != null || + info.depth() > 2 || + info.references() > 4 || + info.arrayLength() >= 0) + ? ObjectInputFilter.Status.REJECTED + : ObjectInputFilter.Status.ALLOWED; + } + private final String name; private final Remote object;
--- a/src/share/classes/sun/management/resources/agent_sv.properties Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/management/resources/agent_sv.properties Wed Jul 19 05:41:28 2017 +0100 @@ -1,6 +1,6 @@ # # -# Copyright (c) 2004, 2015, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2004, 2017, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -70,10 +70,10 @@ agent.err.invalid.snmp.port = Ogiltigt com.sun.management.snmp.port-nummer agent.err.invalid.snmp.trap.port = Ogiltigt com.sun.management.snmp.trap-nummer agent.err.unknown.snmp.interface = Ok\u00E4nt SNMP-gr\u00E4nssnitt -agent.err.acl.file.notset = Ingen SNMP ACL-fil har angetts, men com.sun.management.snmp.acl=true -agent.err.acl.file.notfound = SNMP ACL-filen hittades inte -agent.err.acl.file.not.readable = SNMP ACL-filen \u00E4r inte l\u00E4sbar -agent.err.acl.file.read.failed = Kunde inte l\u00E4sa filen SNMP ACL +agent.err.acl.file.notset = Ingen SNMP \u00E5tkomstkontrollista-fil har angetts, men com.sun.management.snmp.acl=true +agent.err.acl.file.notfound = SNMP \u00E5tkomstkontrollista-filen hittades inte +agent.err.acl.file.not.readable = SNMP \u00E5tkomstkontrollista-filen \u00E4r inte l\u00E4sbar +agent.err.acl.file.read.failed = Kunde inte l\u00E4sa filen SNMP \u00E5tkomstkontrollista agent.err.acl.file.access.notrestricted = L\u00E4sbeh\u00F6righeten f\u00F6r filen m\u00E5ste begr\u00E4nsas agent.err.snmp.adaptor.start.failed = Kunde inte starta SNMP-adaptern med adressen @@ -85,7 +85,7 @@ jmxremote.ConnectorBootstrap.password.readonly = L\u00E4sbeh\u00F6righeten f\u00F6r l\u00F6senordsfilen m\u00E5ste begr\u00E4nsas: {0} jmxremote.ConnectorBootstrap.file.readonly = Fill\u00E4snings\u00E5tkomst m\u00E5ste begr\u00E4nsas {0} -jmxremote.AdaptorBootstrap.getTargetList.processing = ACL bearbetas +jmxremote.AdaptorBootstrap.getTargetList.processing = \u00E5tkomstkontrollista bearbetas jmxremote.AdaptorBootstrap.getTargetList.adding = M\u00E5l l\u00E4ggs till: {0} jmxremote.AdaptorBootstrap.getTargetList.starting = Adapterservern startas: jmxremote.AdaptorBootstrap.getTargetList.initialize1 = Adaptern redo.
--- a/src/share/classes/sun/nio/ch/AsynchronousChannelGroupImpl.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/nio/ch/AsynchronousChannelGroupImpl.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -246,13 +246,16 @@ abstract void shutdownHandlerTasks(); private void shutdownExecutors() { - AccessController.doPrivileged(new PrivilegedAction<Void>() { - public Void run() { - pool.executor().shutdown(); - timeoutExecutor.shutdown(); - return null; - } - }); + AccessController.doPrivileged( + new PrivilegedAction<Void>() { + public Void run() { + pool.executor().shutdown(); + timeoutExecutor.shutdown(); + return null; + } + }, + null, + new RuntimePermission("modifyThread")); } @Override
--- a/src/share/classes/sun/rmi/registry/RegistryImpl.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/rmi/registry/RegistryImpl.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -69,6 +69,10 @@ * registry. * * The LocateRegistry class is used to obtain registry for different hosts. + * <p> + * The default RegistryImpl exported restricts access to clients on the local host + * for the methods {@link #bind}, {@link #rebind}, {@link #unbind} by checking + * the client host in the skeleton. * * @see java.rmi.registry.LocateRegistry */ @@ -96,10 +100,10 @@ private static final String REGISTRY_FILTER_PROPNAME = "sun.rmi.registry.registryFilter"; /** Registry max depth of remote invocations. **/ - private static int REGISTRY_MAX_DEPTH = 5; + private static final int REGISTRY_MAX_DEPTH = 20; /** Registry maximum array size in remote invocations. **/ - private static int REGISTRY_MAX_ARRAY_SIZE = 10000; + private static final int REGISTRY_MAX_ARRAY_SIZE = 10000; /** * The registryFilter created from the value of the {@code "sun.rmi.registry.registryFilter"} @@ -137,13 +141,27 @@ RMIServerSocketFactory ssf) throws RemoteException { + this(port, csf, ssf, RegistryImpl::registryFilter); + } + + + /** + * Construct a new RegistryImpl on the specified port with the + * given custom socket factory pair and ObjectInputFilter. + */ + public RegistryImpl(int port, + RMIClientSocketFactory csf, + RMIServerSocketFactory ssf, + ObjectInputFilter serialFilter) + throws RemoteException + { if (port == Registry.REGISTRY_PORT && System.getSecurityManager() != null) { // grant permission for default port only. try { AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() { public Void run() throws RemoteException { LiveRef lref = new LiveRef(id, port, csf, ssf); - setup(new UnicastServerRef2(lref, RegistryImpl::registryFilter)); + setup(new UnicastServerRef2(lref, serialFilter)); return null; } }, null, new SocketPermission("localhost:"+port, "listen,accept")); @@ -219,7 +237,8 @@ public void bind(String name, Remote obj) throws RemoteException, AlreadyBoundException, AccessException { - checkAccess("Registry.bind"); + // The access check preventing remote access is done in the skeleton + // and is not applicable to local access. synchronized (bindings) { Remote curr = bindings.get(name); if (curr != null) @@ -236,7 +255,8 @@ public void unbind(String name) throws RemoteException, NotBoundException, AccessException { - checkAccess("Registry.unbind"); + // The access check preventing remote access is done in the skeleton + // and is not applicable to local access. synchronized (bindings) { Remote obj = bindings.get(name); if (obj == null) @@ -252,7 +272,8 @@ public void rebind(String name, Remote obj) throws RemoteException, AccessException { - checkAccess("Registry.rebind"); + // The access check preventing remote access is done in the skeleton + // and is not applicable to local access. bindings.put(name, obj); } @@ -279,7 +300,6 @@ * The client must be on same the same host as this server. */ public static void checkAccess(String op) throws AccessException { - try { /* * Get client host that this registry operation was made from. @@ -305,7 +325,7 @@ if (clientHost.isAnyLocalAddress()) { throw new AccessException( - "Registry." + op + " disallowed; origin unknown"); + op + " disallowed; origin unknown"); } try { @@ -328,7 +348,7 @@ // must have been an IOException throw new AccessException( - "Registry." + op + " disallowed; origin " + + op + " disallowed; origin " + clientHost + " is non-local host"); } } @@ -337,8 +357,7 @@ * Local call from this VM: allow access. */ } catch (java.net.UnknownHostException ex) { - throw new AccessException("Registry." + op + - " disallowed; origin is unknown host"); + throw new AccessException(op + " disallowed; origin is unknown host"); } }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/rmi/registry/RegistryImpl_Skel.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,177 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + + +package sun.rmi.registry; + +import java.io.IOException; +import java.io.InputStream; +import java.rmi.AccessException; +import java.rmi.server.RemoteCall; + +import sun.rmi.transport.Connection; +import sun.rmi.transport.StreamRemoteCall; +import sun.rmi.transport.tcp.TCPConnection; + +/** + * Skeleton to dispatch RegistryImpl methods. + * Originally generated by RMIC but frozen to match the stubs. + */ +@SuppressWarnings({"deprecation", "serial"}) +public final class RegistryImpl_Skel + implements java.rmi.server.Skeleton { + private static final java.rmi.server.Operation[] operations = { + new java.rmi.server.Operation("void bind(java.lang.String, java.rmi.Remote)"), + new java.rmi.server.Operation("java.lang.String list()[]"), + new java.rmi.server.Operation("java.rmi.Remote lookup(java.lang.String)"), + new java.rmi.server.Operation("void rebind(java.lang.String, java.rmi.Remote)"), + new java.rmi.server.Operation("void unbind(java.lang.String)") + }; + + private static final long interfaceHash = 4905912898345647071L; + + public java.rmi.server.Operation[] getOperations() { + return operations.clone(); + } + + public void dispatch(java.rmi.Remote obj, java.rmi.server.RemoteCall call, int opnum, long hash) + throws java.lang.Exception { + if (hash != interfaceHash) + throw new java.rmi.server.SkeletonMismatchException("interface hash mismatch"); + + sun.rmi.registry.RegistryImpl server = (sun.rmi.registry.RegistryImpl) obj; + switch (opnum) { + case 0: // bind(String, Remote) + { + // Check access before reading the arguments + RegistryImpl.checkAccess("Registry.bind"); + + java.lang.String $param_String_1; + java.rmi.Remote $param_Remote_2; + try { + java.io.ObjectInput in = call.getInputStream(); + $param_String_1 = (java.lang.String) in.readObject(); + $param_Remote_2 = (java.rmi.Remote) in.readObject(); + } catch (java.io.IOException | java.lang.ClassNotFoundException e) { + throw new java.rmi.UnmarshalException("error unmarshalling arguments", e); + } finally { + call.releaseInputStream(); + } + server.bind($param_String_1, $param_Remote_2); + try { + call.getResultStream(true); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling return", e); + } + break; + } + + case 1: // list() + { + call.releaseInputStream(); + java.lang.String[] $result = server.list(); + try { + java.io.ObjectOutput out = call.getResultStream(true); + out.writeObject($result); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling return", e); + } + break; + } + + case 2: // lookup(String) + { + java.lang.String $param_String_1; + try { + java.io.ObjectInput in = call.getInputStream(); + $param_String_1 = (java.lang.String) in.readObject(); + } catch (java.io.IOException | java.lang.ClassNotFoundException e) { + throw new java.rmi.UnmarshalException("error unmarshalling arguments", e); + } finally { + call.releaseInputStream(); + } + java.rmi.Remote $result = server.lookup($param_String_1); + try { + java.io.ObjectOutput out = call.getResultStream(true); + out.writeObject($result); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling return", e); + } + break; + } + + case 3: // rebind(String, Remote) + { + // Check access before reading the arguments + RegistryImpl.checkAccess("Registry.rebind"); + + java.lang.String $param_String_1; + java.rmi.Remote $param_Remote_2; + try { + java.io.ObjectInput in = call.getInputStream(); + $param_String_1 = (java.lang.String) in.readObject(); + $param_Remote_2 = (java.rmi.Remote) in.readObject(); + } catch (java.io.IOException | java.lang.ClassNotFoundException e) { + throw new java.rmi.UnmarshalException("error unmarshalling arguments", e); + } finally { + call.releaseInputStream(); + } + server.rebind($param_String_1, $param_Remote_2); + try { + call.getResultStream(true); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling return", e); + } + break; + } + + case 4: // unbind(String) + { + // Check access before reading the arguments + RegistryImpl.checkAccess("Registry.unbind"); + + java.lang.String $param_String_1; + try { + java.io.ObjectInput in = call.getInputStream(); + $param_String_1 = (java.lang.String) in.readObject(); + } catch (java.io.IOException | java.lang.ClassNotFoundException e) { + throw new java.rmi.UnmarshalException("error unmarshalling arguments", e); + } finally { + call.releaseInputStream(); + } + server.unbind($param_String_1); + try { + call.getResultStream(true); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling return", e); + } + break; + } + + default: + throw new java.rmi.UnmarshalException("invalid method number"); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/rmi/registry/RegistryImpl_Stub.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,189 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.rmi.registry; +/** + * Stubs to invoke RegistryImpl remote methods. + * Originally generated from RMIC but frozen to match RegistryImpl_Skel. + */ +@SuppressWarnings({"deprecation", "serial"}) +public final class RegistryImpl_Stub + extends java.rmi.server.RemoteStub + implements java.rmi.registry.Registry, java.rmi.Remote { + private static final java.rmi.server.Operation[] operations = { + new java.rmi.server.Operation("void bind(java.lang.String, java.rmi.Remote)"), + new java.rmi.server.Operation("java.lang.String list()[]"), + new java.rmi.server.Operation("java.rmi.Remote lookup(java.lang.String)"), + new java.rmi.server.Operation("void rebind(java.lang.String, java.rmi.Remote)"), + new java.rmi.server.Operation("void unbind(java.lang.String)") + }; + + private static final long interfaceHash = 4905912898345647071L; + + // constructors + public RegistryImpl_Stub() { + super(); + } + + public RegistryImpl_Stub(java.rmi.server.RemoteRef ref) { + super(ref); + } + + // methods from remote interfaces + + // implementation of bind(String, Remote) + public void bind(java.lang.String $param_String_1, java.rmi.Remote $param_Remote_2) + throws java.rmi.AccessException, java.rmi.AlreadyBoundException, java.rmi.RemoteException { + try { + java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 0, interfaceHash); + try { + java.io.ObjectOutput out = call.getOutputStream(); + out.writeObject($param_String_1); + out.writeObject($param_Remote_2); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling arguments", e); + } + ref.invoke(call); + ref.done(call); + } catch (java.lang.RuntimeException e) { + throw e; + } catch (java.rmi.RemoteException e) { + throw e; + } catch (java.rmi.AlreadyBoundException e) { + throw e; + } catch (java.lang.Exception e) { + throw new java.rmi.UnexpectedException("undeclared checked exception", e); + } + } + + // implementation of list() + public java.lang.String[] list() + throws java.rmi.AccessException, java.rmi.RemoteException { + try { + java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 1, interfaceHash); + ref.invoke(call); + java.lang.String[] $result; + try { + java.io.ObjectInput in = call.getInputStream(); + $result = (java.lang.String[]) in.readObject(); + } catch (java.io.IOException e) { + throw new java.rmi.UnmarshalException("error unmarshalling return", e); + } catch (java.lang.ClassNotFoundException e) { + throw new java.rmi.UnmarshalException("error unmarshalling return", e); + } finally { + ref.done(call); + } + return $result; + } catch (java.lang.RuntimeException e) { + throw e; + } catch (java.rmi.RemoteException e) { + throw e; + } catch (java.lang.Exception e) { + throw new java.rmi.UnexpectedException("undeclared checked exception", e); + } + } + + // implementation of lookup(String) + public java.rmi.Remote lookup(java.lang.String $param_String_1) + throws java.rmi.AccessException, java.rmi.NotBoundException, java.rmi.RemoteException { + try { + java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 2, interfaceHash); + try { + java.io.ObjectOutput out = call.getOutputStream(); + out.writeObject($param_String_1); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling arguments", e); + } + ref.invoke(call); + java.rmi.Remote $result; + try { + java.io.ObjectInput in = call.getInputStream(); + $result = (java.rmi.Remote) in.readObject(); + } catch (java.io.IOException e) { + throw new java.rmi.UnmarshalException("error unmarshalling return", e); + } catch (java.lang.ClassNotFoundException e) { + throw new java.rmi.UnmarshalException("error unmarshalling return", e); + } finally { + ref.done(call); + } + return $result; + } catch (java.lang.RuntimeException e) { + throw e; + } catch (java.rmi.RemoteException e) { + throw e; + } catch (java.rmi.NotBoundException e) { + throw e; + } catch (java.lang.Exception e) { + throw new java.rmi.UnexpectedException("undeclared checked exception", e); + } + } + + // implementation of rebind(String, Remote) + public void rebind(java.lang.String $param_String_1, java.rmi.Remote $param_Remote_2) + throws java.rmi.AccessException, java.rmi.RemoteException { + try { + java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 3, interfaceHash); + try { + java.io.ObjectOutput out = call.getOutputStream(); + out.writeObject($param_String_1); + out.writeObject($param_Remote_2); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling arguments", e); + } + ref.invoke(call); + ref.done(call); + } catch (java.lang.RuntimeException e) { + throw e; + } catch (java.rmi.RemoteException e) { + throw e; + } catch (java.lang.Exception e) { + throw new java.rmi.UnexpectedException("undeclared checked exception", e); + } + } + + // implementation of unbind(String) + public void unbind(java.lang.String $param_String_1) + throws java.rmi.AccessException, java.rmi.NotBoundException, java.rmi.RemoteException { + try { + java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 4, interfaceHash); + try { + java.io.ObjectOutput out = call.getOutputStream(); + out.writeObject($param_String_1); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling arguments", e); + } + ref.invoke(call); + ref.done(call); + } catch (java.lang.RuntimeException e) { + throw e; + } catch (java.rmi.RemoteException e) { + throw e; + } catch (java.rmi.NotBoundException e) { + throw e; + } catch (java.lang.Exception e) { + throw new java.rmi.UnexpectedException("undeclared checked exception", e); + } + } +}
--- a/src/share/classes/sun/rmi/server/Activation.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/rmi/server/Activation.java Wed Jul 19 05:41:28 2017 +0100 @@ -30,6 +30,7 @@ import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.io.ObjectInput; import java.io.ObjectInputStream; import java.io.OutputStream; import java.io.PrintStream; @@ -105,7 +106,6 @@ import sun.rmi.log.ReliableLog; import sun.rmi.registry.RegistryImpl; import sun.rmi.runtime.NewThreadAction; -import sun.rmi.server.UnicastServerRef; import sun.rmi.transport.LiveRef; import sun.security.action.GetBooleanAction; import sun.security.action.GetIntegerAction; @@ -345,6 +345,7 @@ throw new AccessException( "binding ActivationSystem is disallowed"); } else { + RegistryImpl.checkAccess("ActivationSystem.bind"); super.bind(name, obj); } } @@ -356,6 +357,7 @@ throw new AccessException( "unbinding ActivationSystem is disallowed"); } else { + RegistryImpl.checkAccess("ActivationSystem.unbind"); super.unbind(name); } } @@ -368,6 +370,7 @@ throw new AccessException( "binding ActivationSystem is disallowed"); } else { + RegistryImpl.checkAccess("ActivationSystem.rebind"); super.rebind(name, obj); } } @@ -458,6 +461,33 @@ } + /** + * SameHostOnlyServerRef checks that access is from a local client + * before the parameters are deserialized. The unmarshalCustomCallData + * hook is used to check the network address of the caller + * with RegistryImpl.checkAccess(). + * The kind of access is retained for an exception if one is thrown. + */ + static class SameHostOnlyServerRef extends UnicastServerRef { + private static final long serialVersionUID = 1234L; + private String accessKind; // an exception message + + /** + * Construct a new SameHostOnlyServerRef from a LiveRef. + * @param lref a LiveRef + */ + SameHostOnlyServerRef(LiveRef lref, String accessKind) { + super(lref); + this.accessKind = accessKind; + } + + @Override + protected void unmarshalCustomCallData(ObjectInput in) throws IOException, ClassNotFoundException { + RegistryImpl.checkAccess(accessKind); + super.unmarshalCustomCallData(in); + } + } + class ActivationSystemImpl extends RemoteServer implements ActivationSystem @@ -475,7 +505,8 @@ * 'this' can be exported. */ LiveRef lref = new LiveRef(new ObjID(4), port, null, ssf); - UnicastServerRef uref = new UnicastServerRef(lref); + UnicastServerRef uref = new SameHostOnlyServerRef(lref, + "ActivationSystem.nonLocalAccess"); ref = uref; uref.exportObject(this, null); } @@ -484,8 +515,8 @@ throws ActivationException, UnknownGroupException, RemoteException { checkShutdown(); - RegistryImpl.checkAccess("ActivationSystem.registerObject"); - + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. ActivationGroupID groupID = desc.getGroupID(); ActivationID id = new ActivationID(activatorStub); getGroupEntry(groupID).registerObject(id, desc, true); @@ -496,15 +527,18 @@ throws ActivationException, UnknownObjectException, RemoteException { checkShutdown(); - RegistryImpl.checkAccess("ActivationSystem.unregisterObject"); + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. getGroupEntry(id).unregisterObject(id, true); } public ActivationGroupID registerGroup(ActivationGroupDesc desc) throws ActivationException, RemoteException { + Thread.dumpStack(); checkShutdown(); - RegistryImpl.checkAccess("ActivationSystem.registerGroup"); + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. checkArgs(desc, null); ActivationGroupID id = new ActivationGroupID(systemStub); @@ -521,7 +555,8 @@ throws ActivationException, UnknownGroupException, RemoteException { checkShutdown(); - RegistryImpl.checkAccess("ActivationSystem.activeGroup"); + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. getGroupEntry(id).activeGroup(group, incarnation); return monitor; @@ -531,7 +566,8 @@ throws ActivationException, UnknownGroupException, RemoteException { checkShutdown(); - RegistryImpl.checkAccess("ActivationSystem.unregisterGroup"); + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. // remove entry before unregister so state is updated before // logged @@ -543,7 +579,8 @@ throws ActivationException, UnknownObjectException, RemoteException { checkShutdown(); - RegistryImpl.checkAccess("ActivationSystem.setActivationDesc"); + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. if (!getGroupID(id).equals(desc.getGroupID())) { throw new ActivationException( @@ -557,8 +594,8 @@ throws ActivationException, UnknownGroupException, RemoteException { checkShutdown(); - RegistryImpl.checkAccess( - "ActivationSystem.setActivationGroupDesc"); + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. checkArgs(desc, null); return getGroupEntry(id).setActivationGroupDesc(id, desc, true); @@ -568,7 +605,8 @@ throws ActivationException, UnknownObjectException, RemoteException { checkShutdown(); - RegistryImpl.checkAccess("ActivationSystem.getActivationDesc"); + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. return getGroupEntry(id).getActivationDesc(id); } @@ -577,8 +615,8 @@ throws ActivationException, UnknownGroupException, RemoteException { checkShutdown(); - RegistryImpl.checkAccess - ("ActivationSystem.getActivationGroupDesc"); + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. return getGroupEntry(id).desc; } @@ -588,7 +626,8 @@ * the activation daemon and exits the activation daemon. */ public void shutdown() throws AccessException { - RegistryImpl.checkAccess("ActivationSystem.shutdown"); + // RegistryImpl.checkAccess() is done in the SameHostOnlyServerRef + // during unmarshallCustomData and is not applicable to local access. Object lock = startupLock; if (lock != null) {
--- a/src/share/classes/sun/rmi/server/UnicastRef.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/rmi/server/UnicastRef.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,7 +32,6 @@ import java.rmi.MarshalException; import java.rmi.Remote; import java.rmi.RemoteException; -import java.rmi.ServerException; import java.rmi.UnmarshalException; import java.rmi.server.Operation; import java.rmi.server.RemoteCall; @@ -187,14 +186,11 @@ return returnValue; - } catch (IOException e) { + } catch (IOException | ClassNotFoundException e) { + // disable saving any refs in the inputStream for GC + ((StreamRemoteCall)call).discardPendingRefs(); clientRefLog.log(Log.BRIEF, - "IOException unmarshalling return: ", e); - throw new UnmarshalException("error unmarshalling return", e); - } catch (ClassNotFoundException e) { - clientRefLog.log(Log.BRIEF, - "ClassNotFoundException unmarshalling return: ", e); - + e.getClass().getName() + " unmarshalling return: ", e); throw new UnmarshalException("error unmarshalling return", e); } finally { try {
--- a/src/share/classes/sun/rmi/server/UnicastServerRef.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/rmi/server/UnicastServerRef.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,6 +32,7 @@ import java.io.ObjectStreamClass; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import java.rmi.AccessException; import java.rmi.MarshalException; import java.rmi.Remote; import java.rmi.RemoteException; @@ -57,6 +58,7 @@ import sun.misc.ObjectInputFilter; import sun.rmi.runtime.Log; import sun.rmi.transport.LiveRef; +import sun.rmi.transport.StreamRemoteCall; import sun.rmi.transport.Target; import sun.rmi.transport.tcp.TCPTransport; import sun.security.action.GetBooleanAction; @@ -289,20 +291,25 @@ try { in = call.getInputStream(); num = in.readInt(); - if (num >= 0) { - if (skel != null) { - oldDispatch(obj, call, num); - return; - } else { - throw new UnmarshalException( - "skeleton class not found but required " + - "for client version"); - } + } catch (Exception readEx) { + throw new UnmarshalException("error unmarshalling call header", + readEx); + } + if (num >= 0) { + if (skel != null) { + oldDispatch(obj, call, num); + return; + } else { + throw new UnmarshalException( + "skeleton class not found but required " + + "for client version"); } + } + try { op = in.readLong(); } catch (Exception readEx) { throw new UnmarshalException("error unmarshalling call header", - readEx); + readEx); } /* @@ -330,10 +337,14 @@ try { unmarshalCustomCallData(in); params = unmarshalParameters(obj, method, marshalStream); - } catch (java.io.IOException e) { - throw new UnmarshalException( - "error unmarshalling arguments", e); - } catch (ClassNotFoundException e) { + } catch (AccessException aex) { + // For compatibility, AccessException is not wrapped in UnmarshalException + // disable saving any refs in the inputStream for GC + ((StreamRemoteCall) call).discardPendingRefs(); + throw aex; + } catch (java.io.IOException | ClassNotFoundException e) { + // disable saving any refs in the inputStream for GC + ((StreamRemoteCall) call).discardPendingRefs(); throw new UnmarshalException( "error unmarshalling arguments", e); } finally { @@ -367,6 +378,7 @@ */ } } catch (Throwable e) { + Throwable origEx = e; logCallException(e); ObjectOutput out = call.getResultStream(false); @@ -382,6 +394,12 @@ clearStackTraces(e); } out.writeObject(e); + + // AccessExceptions should cause Transport.serviceCall + // to flag the connection as unusable. + if (origEx instanceof AccessException) { + throw new IOException("Connection is not reusable", origEx); + } } finally { call.releaseInputStream(); // in case skeleton doesn't call.releaseOutputStream(); @@ -413,62 +431,41 @@ * Handle server-side dispatch using the RMI 1.1 stub/skeleton * protocol, given a non-negative operation number that has * already been read from the call stream. + * Exceptions are handled by the caller to be sent to the remote client. * * @param obj the target remote object for the call * @param call the "remote call" from which operation and * method arguments can be obtained. * @param op the operation number - * @exception IOException if unable to marshal return result or + * @throws Exception if unable to marshal return result or * release input or output streams */ - public void oldDispatch(Remote obj, RemoteCall call, int op) - throws IOException + private void oldDispatch(Remote obj, RemoteCall call, int op) + throws Exception { long hash; // hash for matching stub with skeleton + // read remote call header + ObjectInput in; + in = call.getInputStream(); try { - // read remote call header - ObjectInput in; - try { - in = call.getInputStream(); - try { - Class<?> clazz = Class.forName("sun.rmi.transport.DGCImpl_Skel"); - if (clazz.isAssignableFrom(skel.getClass())) { - ((MarshalInputStream)in).useCodebaseOnly(); - } - } catch (ClassNotFoundException ignore) { } - hash = in.readLong(); - } catch (Exception readEx) { - throw new UnmarshalException("error unmarshalling call header", - readEx); + Class<?> clazz = Class.forName("sun.rmi.transport.DGCImpl_Skel"); + if (clazz.isAssignableFrom(skel.getClass())) { + ((MarshalInputStream)in).useCodebaseOnly(); } + } catch (ClassNotFoundException ignore) { } - // if calls are being logged, write out object id and operation - logCall(obj, skel.getOperations()[op]); - unmarshalCustomCallData(in); - // dispatch to skeleton for remote object - skel.dispatch(obj, call, op, hash); - - } catch (Throwable e) { - logCallException(e); + try { + hash = in.readLong(); + } catch (Exception ioe) { + throw new UnmarshalException("error unmarshalling call header", ioe); + } - ObjectOutput out = call.getResultStream(false); - if (e instanceof Error) { - e = new ServerError( - "Error occurred in server thread", (Error) e); - } else if (e instanceof RemoteException) { - e = new ServerException( - "RemoteException occurred in server thread", - (Exception) e); - } - if (suppressStackTraces) { - clearStackTraces(e); - } - out.writeObject(e); - } finally { - call.releaseInputStream(); // in case skeleton doesn't - call.releaseOutputStream(); - } + // if calls are being logged, write out object id and operation + logCall(obj, skel.getOperations()[op]); + unmarshalCustomCallData(in); + // dispatch to skeleton for remote object + skel.dispatch(obj, call, op, hash); } /**
--- a/src/share/classes/sun/rmi/transport/ConnectionInputStream.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/rmi/transport/ConnectionInputStream.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -82,6 +82,14 @@ } /** + * Discard the saved incoming refs so there is nothing to register + * when {@code registerRefs} is called. + */ + void discardRefs() { + incomingRefTable.clear(); + } + + /** * Add references to DGC table (and possibly send dirty call). * RegisterRefs now calls DGCClient.referenced on all * refs with the same endpoint at once to achieve batching of
--- a/src/share/classes/sun/rmi/transport/DGCClient.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/rmi/transport/DGCClient.java Wed Jul 19 05:41:28 2017 +0100 @@ -24,9 +24,11 @@ */ package sun.rmi.transport; +import java.io.InvalidClassException; import java.lang.ref.PhantomReference; import java.lang.ref.ReferenceQueue; import java.net.SocketPermission; +import java.rmi.UnmarshalException; import java.security.AccessController; import java.security.PrivilegedAction; import java.util.HashMap; @@ -41,7 +43,9 @@ import java.rmi.dgc.Lease; import java.rmi.dgc.VMID; import java.rmi.server.ObjID; + import sun.misc.GC; +import sun.rmi.runtime.Log; import sun.rmi.runtime.NewThreadAction; import sun.rmi.server.UnicastRef; import sun.rmi.server.Util; @@ -393,6 +397,12 @@ synchronized (this) { dirtyFailures++; + if (e instanceof UnmarshalException + && e.getCause() instanceof InvalidClassException) { + DGCImpl.dgcLog.log(Log.BRIEF, "InvalidClassException exception in DGC dirty call", e); + return; // protocol error, do not register these refs + } + if (dirtyFailures == 1) { /* * If this was the first recent failed dirty call,
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/rmi/transport/DGCImpl_Skel.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,112 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.rmi.transport; + +/** + * Skeleton to dispatch DGC methods. + * Originally generated by RMIC but frozen to match the stubs. + */ +@SuppressWarnings({"deprecation", "serial"}) +public final class DGCImpl_Skel + implements java.rmi.server.Skeleton { + private static final java.rmi.server.Operation[] operations = { + new java.rmi.server.Operation("void clean(java.rmi.server.ObjID[], long, java.rmi.dgc.VMID, boolean)"), + new java.rmi.server.Operation("java.rmi.dgc.Lease dirty(java.rmi.server.ObjID[], long, java.rmi.dgc.Lease)") + }; + + private static final long interfaceHash = -669196253586618813L; + + public java.rmi.server.Operation[] getOperations() { + return operations.clone(); + } + + public void dispatch(java.rmi.Remote obj, java.rmi.server.RemoteCall call, int opnum, long hash) + throws java.lang.Exception { + if (hash != interfaceHash) + throw new java.rmi.server.SkeletonMismatchException("interface hash mismatch"); + + sun.rmi.transport.DGCImpl server = (sun.rmi.transport.DGCImpl) obj; + switch (opnum) { + case 0: // clean(ObjID[], long, VMID, boolean) + { + java.rmi.server.ObjID[] $param_arrayOf_ObjID_1; + long $param_long_2; + java.rmi.dgc.VMID $param_VMID_3; + boolean $param_boolean_4; + try { + java.io.ObjectInput in = call.getInputStream(); + $param_arrayOf_ObjID_1 = (java.rmi.server.ObjID[]) in.readObject(); + $param_long_2 = in.readLong(); + $param_VMID_3 = (java.rmi.dgc.VMID) in.readObject(); + $param_boolean_4 = in.readBoolean(); + } catch (java.io.IOException e) { + throw new java.rmi.UnmarshalException("error unmarshalling arguments", e); + } catch (java.lang.ClassNotFoundException e) { + throw new java.rmi.UnmarshalException("error unmarshalling arguments", e); + } finally { + call.releaseInputStream(); + } + server.clean($param_arrayOf_ObjID_1, $param_long_2, $param_VMID_3, $param_boolean_4); + try { + call.getResultStream(true); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling return", e); + } + break; + } + + case 1: // dirty(ObjID[], long, Lease) + { + java.rmi.server.ObjID[] $param_arrayOf_ObjID_1; + long $param_long_2; + java.rmi.dgc.Lease $param_Lease_3; + try { + java.io.ObjectInput in = call.getInputStream(); + $param_arrayOf_ObjID_1 = (java.rmi.server.ObjID[]) in.readObject(); + $param_long_2 = in.readLong(); + $param_Lease_3 = (java.rmi.dgc.Lease) in.readObject(); + } catch (java.io.IOException e) { + throw new java.rmi.UnmarshalException("error unmarshalling arguments", e); + } catch (java.lang.ClassNotFoundException e) { + throw new java.rmi.UnmarshalException("error unmarshalling arguments", e); + } finally { + call.releaseInputStream(); + } + java.rmi.dgc.Lease $result = server.dirty($param_arrayOf_ObjID_1, $param_long_2, $param_Lease_3); + try { + java.io.ObjectOutput out = call.getResultStream(true); + out.writeObject($result); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling return", e); + } + break; + } + + default: + throw new java.rmi.UnmarshalException("invalid method number"); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/rmi/transport/DGCImpl_Stub.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,183 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.rmi.transport; + +import java.io.ObjectInputStream; +import java.rmi.dgc.Lease; +import java.rmi.dgc.VMID; +import java.rmi.server.UID; +import java.security.AccessController; +import java.security.PrivilegedAction; + +import sun.misc.ObjectInputFilter; +import sun.rmi.server.UnicastRef; +import sun.rmi.transport.tcp.TCPConnection; + +/** + * Stubs to invoke DGC remote methods. + * Originally generated from RMIC but frozen to insert serialFilter. + */ +@SuppressWarnings({"deprecation", "serial"}) +public final class DGCImpl_Stub + extends java.rmi.server.RemoteStub + implements java.rmi.dgc.DGC { + private static final java.rmi.server.Operation[] operations = { + new java.rmi.server.Operation("void clean(java.rmi.server.ObjID[], long, java.rmi.dgc.VMID, boolean)"), + new java.rmi.server.Operation("java.rmi.dgc.Lease dirty(java.rmi.server.ObjID[], long, java.rmi.dgc.Lease)") + }; + + private static final long interfaceHash = -669196253586618813L; + + /** Registry max depth of remote invocations. **/ + private static int DGCCLIENT_MAX_DEPTH = 6; + + /** Registry maximum array size in remote invocations. **/ + private static int DGCCLIENT_MAX_ARRAY_SIZE = 10000; + + // constructors + public DGCImpl_Stub() { + super(); + } + + public DGCImpl_Stub(java.rmi.server.RemoteRef ref) { + super(ref); + } + + // methods from remote interfaces + + // implementation of clean(ObjID[], long, VMID, boolean) + public void clean(java.rmi.server.ObjID[] $param_arrayOf_ObjID_1, long $param_long_2, java.rmi.dgc.VMID $param_VMID_3, boolean $param_boolean_4) + throws java.rmi.RemoteException { + try { + java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 0, interfaceHash); + try { + java.io.ObjectOutput out = call.getOutputStream(); + out.writeObject($param_arrayOf_ObjID_1); + out.writeLong($param_long_2); + out.writeObject($param_VMID_3); + out.writeBoolean($param_boolean_4); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling arguments", e); + } + ref.invoke(call); + ref.done(call); + } catch (java.lang.RuntimeException e) { + throw e; + } catch (java.rmi.RemoteException e) { + throw e; + } catch (java.lang.Exception e) { + throw new java.rmi.UnexpectedException("undeclared checked exception", e); + } + } + + // implementation of dirty(ObjID[], long, Lease) + public java.rmi.dgc.Lease dirty(java.rmi.server.ObjID[] $param_arrayOf_ObjID_1, long $param_long_2, java.rmi.dgc.Lease $param_Lease_3) + throws java.rmi.RemoteException { + try { + java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 1, interfaceHash); + try { + java.io.ObjectOutput out = call.getOutputStream(); + out.writeObject($param_arrayOf_ObjID_1); + out.writeLong($param_long_2); + out.writeObject($param_Lease_3); + } catch (java.io.IOException e) { + throw new java.rmi.MarshalException("error marshalling arguments", e); + } + ref.invoke(call); + java.rmi.dgc.Lease $result; + Connection connection = ((StreamRemoteCall) call).getConnection(); + try { + java.io.ObjectInput in = call.getInputStream(); + + if (in instanceof ObjectInputStream) { + /** + * Set a filter on the stream for the return value. + */ + ObjectInputStream ois = (ObjectInputStream) in; + AccessController.doPrivileged((PrivilegedAction<Void>)() -> { + ObjectInputFilter.Config.setObjectInputFilter(ois, DGCImpl_Stub::leaseFilter); + return null; + }); + } + $result = (java.rmi.dgc.Lease) in.readObject(); + } catch (java.io.IOException | java.lang.ClassNotFoundException e) { + if (connection instanceof TCPConnection) { + // Modified to prevent re-use of the connection after an exception + ((TCPConnection) connection).getChannel().free(connection, false); + } + throw new java.rmi.UnmarshalException("error unmarshalling return", e); + } finally { + ref.done(call); + } + return $result; + } catch (java.lang.RuntimeException e) { + throw e; + } catch (java.rmi.RemoteException e) { + throw e; + } catch (java.lang.Exception e) { + throw new java.rmi.UnexpectedException("undeclared checked exception", e); + } + } + + /** + * ObjectInputFilter to filter DGCClient return value (a Lease). + * The list of acceptable classes is very short and explicit. + * The depth and array sizes are limited. + * + * @param filterInfo access to class, arrayLength, etc. + * @return {@link ObjectInputFilter.Status#ALLOWED} if allowed, + * {@link ObjectInputFilter.Status#REJECTED} if rejected, + * otherwise {@link ObjectInputFilter.Status#UNDECIDED} + */ + private static ObjectInputFilter.Status leaseFilter(ObjectInputFilter.FilterInfo filterInfo) { + + if (filterInfo.depth() > DGCCLIENT_MAX_DEPTH) { + return ObjectInputFilter.Status.REJECTED; + } + Class<?> clazz = filterInfo.serialClass(); + if (clazz != null) { + while (clazz.isArray()) { + if (filterInfo.arrayLength() >= 0 && filterInfo.arrayLength() > DGCCLIENT_MAX_ARRAY_SIZE) { + return ObjectInputFilter.Status.REJECTED; + } + // Arrays are allowed depending on the component type + clazz = clazz.getComponentType(); + } + if (clazz.isPrimitive()) { + // Arrays of primitives are allowed + return ObjectInputFilter.Status.ALLOWED; + } + return (clazz == UID.class || + clazz == VMID.class || + clazz == Lease.class) + ? ObjectInputFilter.Status.ALLOWED + : ObjectInputFilter.Status.REJECTED; + } + // Not a class, not size limited + return ObjectInputFilter.Status.UNDECIDED; + } + +}
--- a/src/share/classes/sun/rmi/transport/StreamRemoteCall.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/rmi/transport/StreamRemoteCall.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -168,6 +168,13 @@ } /** + * Discard any post-processing of refs the InputStream. + */ + public void discardPendingRefs() { + in.discardRefs(); + } + + /** * Returns an output stream (may put out header information * relating to the success of the call). * @param success If true, indicates normal return, else indicates
--- a/src/share/classes/sun/security/ec/ECDSASignature.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/ec/ECDSASignature.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -287,11 +287,15 @@ } random.nextBytes(seed); + // random bits needed for timing countermeasures + int timingArgument = random.nextInt(); + // values must be non-zero to enable countermeasures + timingArgument |= 1; + try { - return encodeSignature( - signDigest(getDigestValue(), s, encodedParams, seed)); - + signDigest(getDigestValue(), s, encodedParams, seed, + timingArgument)); } catch (GeneralSecurityException e) { throw new SignatureException("Could not sign data", e); } @@ -418,11 +422,19 @@ * @param s the private key's S value. * @param encodedParams the curve's DER encoded object identifier. * @param seed the random seed. + * @param timing When non-zero, the implmentation will use timing + * countermeasures to hide secrets from timing channels. The EC + * implementation will disable the countermeasures when this value is + * zero, because the underlying EC functions are shared by several + * crypto operations, some of which do not use the countermeasures. + * The high-order 31 bits must be uniformly random. The entropy from + * these bits is used by the countermeasures. * * @return byte[] the signature. */ private static native byte[] signDigest(byte[] digest, byte[] s, - byte[] encodedParams, byte[] seed) throws GeneralSecurityException; + byte[] encodedParams, byte[] seed, int timing) + throws GeneralSecurityException; /** * Verifies the signed digest using the public key.
--- a/src/share/classes/sun/security/pkcs/PKCS8Key.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/pkcs/PKCS8Key.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,6 +32,7 @@ import java.security.KeyRep; import java.security.PrivateKey; import java.security.KeyFactory; +import java.security.MessageDigest; import java.security.Security; import java.security.Provider; import java.security.InvalidKeyException; @@ -420,18 +421,9 @@ // that encoding byte[] b2 = ((Key)object).getEncoded(); - // do the comparison - int i; - if (b1.length != b2.length) - return false; - for (i = 0; i < b1.length; i++) { - if (b1[i] != b2[i]) { - return false; - } - } - return true; + // time-constant comparison + return MessageDigest.isEqual(b1, b2); } - return false; }
--- a/src/share/classes/sun/security/pkcs/SignerInfo.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/pkcs/SignerInfo.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -37,6 +37,7 @@ import java.security.Signature; import java.security.SignatureException; import java.security.Timestamp; +import java.security.cert.CertPathValidatorException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.CertPath; @@ -49,6 +50,7 @@ import sun.misc.HexDumpEncoder; import sun.security.timestamp.TimestampToken; +import sun.security.util.ConstraintsParameters; import sun.security.util.Debug; import sun.security.util.DerEncoder; import sun.security.util.DerInputStream; @@ -209,7 +211,7 @@ /** * DER encode this object onto an output stream. - * Implements the <code>DerEncoder</code> interface. + * Implements the {@code DerEncoder} interface. * * @param out * the output stream on which to write the DER encoding. @@ -266,7 +268,7 @@ if (userCert == null) return null; - ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(); + ArrayList<X509Certificate> certList = new ArrayList<>(); certList.add(userCert); X509Certificate[] pkcsCerts = block.getCertificates(); @@ -321,6 +323,14 @@ data = content.getContentBytes(); } + Timestamp timestamp = null; + try { + timestamp = getTimestamp(); + } catch (Exception ignore) { + } + + ConstraintsParameters cparams = + new ConstraintsParameters(timestamp); String digestAlgname = getDigestAlgorithmId().getName(); byte[] dataSigned; @@ -347,11 +357,11 @@ if (messageDigest == null) // fail if there is no message digest return null; - // check that algorithm is not restricted - if (!JAR_DISABLED_CHECK.permits(DIGEST_PRIMITIVE_SET, - digestAlgname, null)) { - throw new SignatureException("Digest check failed. " + - "Disabled algorithm used: " + digestAlgname); + // check that digest algorithm is not restricted + try { + JAR_DISABLED_CHECK.permits(digestAlgname, cparams); + } catch (CertPathValidatorException e) { + throw new SignatureException(e.getMessage(), e); } MessageDigest md = MessageDigest.getInstance(digestAlgname); @@ -385,17 +395,18 @@ String algname = AlgorithmId.makeSigAlg( digestAlgname, encryptionAlgname); - // check that algorithm is not restricted - if (!JAR_DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, algname, null)) { - throw new SignatureException("Signature check failed. " + - "Disabled algorithm used: " + algname); + // check that jar signature algorithm is not restricted + try { + JAR_DISABLED_CHECK.permits(algname, cparams); + } catch (CertPathValidatorException e) { + throw new SignatureException(e.getMessage(), e); } X509Certificate cert = getCertificate(block); - PublicKey key = cert.getPublicKey(); if (cert == null) { return null; } + PublicKey key = cert.getPublicKey(); // check if the public key is restricted if (!JAR_DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) { @@ -519,7 +530,7 @@ * Extracts a timestamp from a PKCS7 SignerInfo. * * Examines the signer's unsigned attributes for a - * <tt>signatureTimestampToken</tt> attribute. If present, + * {@code signatureTimestampToken} attribute. If present, * then it is parsed to extract the date and time at which the * timestamp was generated. *
--- a/src/share/classes/sun/security/provider/DSA.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/DSA.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -67,6 +67,13 @@ /* Are we debugging? */ private static final boolean debug = false; + /* The number of bits used in exponent blinding */ + private static final int BLINDING_BITS = 7; + + /* The constant component of the exponent blinding value */ + private static final BigInteger BLINDING_CONSTANT = + BigInteger.valueOf(1 << BLINDING_BITS); + /* The parameter object */ private DSAParams params; @@ -312,8 +319,19 @@ return null; } + private BigInteger generateR(BigInteger p, BigInteger q, BigInteger g, BigInteger k) { + + // exponent blinding to hide information from timing channel + SecureRandom random = getSigningRandom(); + // start with a random blinding component + BigInteger blindingValue = new BigInteger(BLINDING_BITS, random); + // add the fixed blinding component + blindingValue = blindingValue.add(BLINDING_CONSTANT); + // replace k with a blinded value that is congruent (mod q) + k = k.add(q.multiply(blindingValue)); + BigInteger temp = g.modPow(k, p); return temp.mod(q); } @@ -378,43 +396,8 @@ byte[] kValue = new byte[(q.bitLength() + 7)/8 + 8]; random.nextBytes(kValue); - BigInteger k = new BigInteger(1, kValue).mod( + return new BigInteger(1, kValue).mod( q.subtract(BigInteger.ONE)).add(BigInteger.ONE); - - // Using an equivalent exponent of fixed length (same as q or 1 bit - // less than q) to keep the kG timing relatively constant. - // - // Note that this is an extra step on top of the approach defined in - // FIPS 186-4 AppendixB.2.1 so as to make a fixed length K. - k = k.add(q).divide(BigInteger.valueOf(2)); - - // An alternative implementation based on FIPS 186-4 AppendixB2.2 - // with fixed-length K. - // - // Please keep it here as we may need to switch to it in the future. - // - // SecureRandom random = getSigningRandom(); - // byte[] kValue = new byte[(q.bitLength() + 7)/8]; - // BigInteger d = q.subtract(BigInteger.TWO); - // BigInteger k; - // do { - // random.nextBytes(kValue); - // BigInteger c = new BigInteger(1, kValue); - // if (c.compareTo(d) <= 0) { - // k = c.add(BigInteger.ONE); - // // Using an equivalent exponent of fixed length to keep - // // the g^k timing relatively constant. - // // - // // Note that this is an extra step on top of the approach - // // defined in FIPS 186-4 AppendixB.2.2 so as to make a - // // fixed length K. - // if (k.bitLength() >= q.bitLength()) { - // break; - // } - // } - // } while (true); - - return k; } // Use the application-specified SecureRandom Object if provided.
--- a/src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,8 +27,11 @@ import java.security.AlgorithmConstraints; import java.security.CryptoPrimitive; +import java.security.Timestamp; +import java.security.cert.CertPathValidator; import java.util.Collection; import java.util.Collections; +import java.util.Date; import java.util.Set; import java.util.EnumSet; import java.math.BigInteger; @@ -51,15 +54,16 @@ import java.security.spec.DSAPublicKeySpec; import sun.security.util.AnchorCertificates; -import sun.security.util.CertConstraintParameters; +import sun.security.util.ConstraintsParameters; import sun.security.util.Debug; import sun.security.util.DisabledAlgorithmConstraints; +import sun.security.validator.Validator; import sun.security.x509.X509CertImpl; import sun.security.x509.X509CRLImpl; import sun.security.x509.AlgorithmId; /** - * A <code>PKIXCertPathChecker</code> implementation to check whether a + * A {@code PKIXCertPathChecker} implementation to check whether a * specified certificate contains the required algorithm constraints. * <p> * Certificate fields such as the subject public key, the signature @@ -69,24 +73,27 @@ * @see PKIXCertPathChecker * @see PKIXParameters */ -final public class AlgorithmChecker extends PKIXCertPathChecker { +public final class AlgorithmChecker extends PKIXCertPathChecker { private static final Debug debug = Debug.getInstance("certpath"); private final AlgorithmConstraints constraints; private final PublicKey trustedPubKey; + private final Date pkixdate; private PublicKey prevPubKey; + private final Timestamp jarTimestamp; + private final String variant; - private final static Set<CryptoPrimitive> SIGNATURE_PRIMITIVE_SET = + private static final Set<CryptoPrimitive> SIGNATURE_PRIMITIVE_SET = Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.SIGNATURE)); - private final static Set<CryptoPrimitive> KU_PRIMITIVE_SET = + private static final Set<CryptoPrimitive> KU_PRIMITIVE_SET = Collections.unmodifiableSet(EnumSet.of( CryptoPrimitive.SIGNATURE, CryptoPrimitive.KEY_ENCAPSULATION, CryptoPrimitive.PUBLIC_KEY_ENCRYPTION, CryptoPrimitive.KEY_AGREEMENT)); - private final static DisabledAlgorithmConstraints + private static final DisabledAlgorithmConstraints certPathDefaultConstraints = new DisabledAlgorithmConstraints( DisabledAlgorithmConstraints.PROPERTY_CERTPATH_DISABLED_ALGS); @@ -99,64 +106,99 @@ private boolean trustedMatch = false; /** - * Create a new <code>AlgorithmChecker</code> with the algorithm - * constraints specified in security property - * "jdk.certpath.disabledAlgorithms". + * Create a new {@code AlgorithmChecker} with the given algorithm + * given {@code TrustAnchor} and {@code String} variant. * * @param anchor the trust anchor selected to validate the target * certificate + * @param variant is the Validator variants of the operation. A null value + * passed will set it to Validator.GENERIC. */ - public AlgorithmChecker(TrustAnchor anchor) { - this(anchor, certPathDefaultConstraints); + public AlgorithmChecker(TrustAnchor anchor, String variant) { + this(anchor, certPathDefaultConstraints, null, null, variant); } /** - * Create a new <code>AlgorithmChecker</code> with the - * given {@code AlgorithmConstraints}. - * <p> - * Note that this constructor will be used to check a certification - * path where the trust anchor is unknown, or a certificate list which may - * contain the trust anchor. This constructor is used by SunJSSE. + * Create a new {@code AlgorithmChecker} with the given + * {@code AlgorithmConstraints}, {@code Timestamp}, and {@code String} + * variant. + * + * Note that this constructor can initialize a variation of situations where + * the AlgorithmConstraints, Timestamp, or Variant maybe known. * * @param constraints the algorithm constraints (or null) + * @param jarTimestamp Timestamp passed for JAR timestamp constraint + * checking. Set to null if not applicable. + * @param variant is the Validator variants of the operation. A null value + * passed will set it to Validator.GENERIC. */ - public AlgorithmChecker(AlgorithmConstraints constraints) { - this.prevPubKey = null; - this.trustedPubKey = null; - this.constraints = constraints; + public AlgorithmChecker(AlgorithmConstraints constraints, + Timestamp jarTimestamp, String variant) { + this(null, constraints, null, jarTimestamp, variant); } /** - * Create a new <code>AlgorithmChecker</code> with the - * given <code>TrustAnchor</code> and <code>AlgorithmConstraints</code>. + * Create a new {@code AlgorithmChecker} with the + * given {@code TrustAnchor}, {@code AlgorithmConstraints}, + * {@code Timestamp}, and {@code String} variant. * * @param anchor the trust anchor selected to validate the target * certificate * @param constraints the algorithm constraints (or null) - * - * @throws IllegalArgumentException if the <code>anchor</code> is null + * @param pkixdate The date specified by the PKIXParameters date. If the + * PKIXParameters is null, the current date is used. This + * should be null when jar files are being checked. + * @param jarTimestamp Timestamp passed for JAR timestamp constraint + * checking. Set to null if not applicable. + * @param variant is the Validator variants of the operation. A null value + * passed will set it to Validator.GENERIC. */ public AlgorithmChecker(TrustAnchor anchor, - AlgorithmConstraints constraints) { + AlgorithmConstraints constraints, Date pkixdate, + Timestamp jarTimestamp, String variant) { - if (anchor == null) { - throw new IllegalArgumentException( - "The trust anchor cannot be null"); + if (anchor != null) { + if (anchor.getTrustedCert() != null) { + this.trustedPubKey = anchor.getTrustedCert().getPublicKey(); + // Check for anchor certificate restrictions + trustedMatch = checkFingerprint(anchor.getTrustedCert()); + if (trustedMatch && debug != null) { + debug.println("trustedMatch = true"); + } + } else { + this.trustedPubKey = anchor.getCAPublicKey(); + } + } else { + this.trustedPubKey = null; + if (debug != null) { + debug.println("TrustAnchor is null, trustedMatch is false."); + } } - if (anchor.getTrustedCert() != null) { - this.trustedPubKey = anchor.getTrustedCert().getPublicKey(); - // Check for anchor certificate restrictions - trustedMatch = checkFingerprint(anchor.getTrustedCert()); - if (trustedMatch && debug != null) { - debug.println("trustedMatch = true"); - } - } else { - this.trustedPubKey = anchor.getCAPublicKey(); - } + this.prevPubKey = this.trustedPubKey; + this.constraints = (constraints == null ? certPathDefaultConstraints : + constraints); + // If we are checking jar files, set pkixdate the same as the timestamp + // for certificate checking + this.pkixdate = (jarTimestamp != null ? jarTimestamp.getTimestamp() : + pkixdate); + this.jarTimestamp = jarTimestamp; + this.variant = (variant == null ? Validator.VAR_GENERIC : variant); + } - this.prevPubKey = trustedPubKey; - this.constraints = constraints; + /** + * Create a new {@code AlgorithmChecker} with the given {@code TrustAnchor}, + * {@code PKIXParameter} date, and {@code varient} + * + * @param anchor the trust anchor selected to validate the target + * certificate + * @param pkixdate Date the constraints are checked against. The value is + * either the PKIXParameters date or null for the current date. + * @param variant is the Validator variants of the operation. A null value + * passed will set it to Validator.GENERIC. + */ + public AlgorithmChecker(TrustAnchor anchor, Date pkixdate, String variant) { + this(anchor, certPathDefaultConstraints, pkixdate, null, variant); } // Check this 'cert' for restrictions in the AnchorCertificates @@ -217,6 +259,28 @@ null, null, -1, PKIXReason.INVALID_KEY_USAGE); } + X509CertImpl x509Cert; + AlgorithmId algorithmId; + try { + x509Cert = X509CertImpl.toImpl((X509Certificate)cert); + algorithmId = (AlgorithmId)x509Cert.get(X509CertImpl.SIG_ALG); + } catch (CertificateException ce) { + throw new CertPathValidatorException(ce); + } + + AlgorithmParameters currSigAlgParams = algorithmId.getParameters(); + PublicKey currPubKey = cert.getPublicKey(); + String currSigAlg = ((X509Certificate)cert).getSigAlgName(); + + // Check the signature algorithm and parameters against constraints. + if (!constraints.permits(SIGNATURE_PRIMITIVE_SET, currSigAlg, + currSigAlgParams)) { + throw new CertPathValidatorException( + "Algorithm constraints check failed on signature " + + "algorithm: " + currSigAlg, null, null, -1, + BasicReason.ALGORITHM_CONSTRAINED); + } + // Assume all key usage bits are set if key usage is not present Set<CryptoPrimitive> primitives = KU_PRIMITIVE_SET; @@ -253,101 +317,74 @@ } } - PublicKey currPubKey = cert.getPublicKey(); + ConstraintsParameters cp = + new ConstraintsParameters((X509Certificate)cert, + trustedMatch, pkixdate, jarTimestamp, variant); + // Check against local constraints if it is DisabledAlgorithmConstraints if (constraints instanceof DisabledAlgorithmConstraints) { - // Check against DisabledAlgorithmConstraints certpath constraints. - // permits() will throw exception on failure. - ((DisabledAlgorithmConstraints)constraints).permits(primitives, - new CertConstraintParameters((X509Certificate)cert, - trustedMatch)); - // If there is no previous key, set one and exit - if (prevPubKey == null) { - prevPubKey = currPubKey; - return; + ((DisabledAlgorithmConstraints)constraints).permits(currSigAlg, cp); + // DisabledAlgorithmsConstraints does not check primitives, so key + // additional key check. + + } else { + // Perform the default constraints checking anyway. + certPathDefaultConstraints.permits(currSigAlg, cp); + // Call locally set constraints to check key with primitives. + if (!constraints.permits(primitives, currPubKey)) { + throw new CertPathValidatorException( + "Algorithm constraints check failed on key " + + currPubKey.getAlgorithm() + " with size of " + + sun.security.util.KeyUtil.getKeySize(currPubKey) + + "bits", + null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); } } - X509CertImpl x509Cert; - AlgorithmId algorithmId; - try { - x509Cert = X509CertImpl.toImpl((X509Certificate)cert); - algorithmId = (AlgorithmId)x509Cert.get(X509CertImpl.SIG_ALG); - } catch (CertificateException ce) { - throw new CertPathValidatorException(ce); - } - - AlgorithmParameters currSigAlgParams = algorithmId.getParameters(); - String currSigAlg = x509Cert.getSigAlgName(); - - // If 'constraints' is not of DisabledAlgorithmConstraints, check all - // everything individually - if (!(constraints instanceof DisabledAlgorithmConstraints)) { - // Check the current signature algorithm - if (!constraints.permits( - SIGNATURE_PRIMITIVE_SET, - currSigAlg, currSigAlgParams)) { - throw new CertPathValidatorException( - "Algorithm constraints check failed on signature " + - "algorithm: " + currSigAlg, null, null, -1, - BasicReason.ALGORITHM_CONSTRAINED); - } - - if (!constraints.permits(primitives, currPubKey)) { - throw new CertPathValidatorException( - "Algorithm constraints check failed on keysize: " + - sun.security.util.KeyUtil.getKeySize(currPubKey), - null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); - } + // If there is no previous key, set one and exit + if (prevPubKey == null) { + prevPubKey = currPubKey; + return; } // Check with previous cert for signature algorithm and public key - if (prevPubKey != null) { - if (!constraints.permits( - SIGNATURE_PRIMITIVE_SET, - currSigAlg, prevPubKey, currSigAlgParams)) { - throw new CertPathValidatorException( + if (!constraints.permits( + SIGNATURE_PRIMITIVE_SET, + currSigAlg, prevPubKey, currSigAlgParams)) { + throw new CertPathValidatorException( "Algorithm constraints check failed on " + "signature algorithm: " + currSigAlg, - null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); - } + null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); + } - // Inherit key parameters from previous key - if (PKIX.isDSAPublicKeyWithoutParams(currPubKey)) { - // Inherit DSA parameters from previous key - if (!(prevPubKey instanceof DSAPublicKey)) { - throw new CertPathValidatorException("Input key is not " + + // Inherit key parameters from previous key + if (PKIX.isDSAPublicKeyWithoutParams(currPubKey)) { + // Inherit DSA parameters from previous key + if (!(prevPubKey instanceof DSAPublicKey)) { + throw new CertPathValidatorException("Input key is not " + "of a appropriate type for inheriting parameters"); - } + } - DSAParams params = ((DSAPublicKey)prevPubKey).getParams(); - if (params == null) { - throw new CertPathValidatorException( + DSAParams params = ((DSAPublicKey)prevPubKey).getParams(); + if (params == null) { + throw new CertPathValidatorException( "Key parameters missing from public key."); - } + } - try { - BigInteger y = ((DSAPublicKey)currPubKey).getY(); - KeyFactory kf = KeyFactory.getInstance("DSA"); - DSAPublicKeySpec ks = new DSAPublicKeySpec(y, - params.getP(), - params.getQ(), - params.getG()); - currPubKey = kf.generatePublic(ks); - } catch (GeneralSecurityException e) { - throw new CertPathValidatorException("Unable to generate " + + try { + BigInteger y = ((DSAPublicKey)currPubKey).getY(); + KeyFactory kf = KeyFactory.getInstance("DSA"); + DSAPublicKeySpec ks = new DSAPublicKeySpec(y, params.getP(), + params.getQ(), params.getG()); + currPubKey = kf.generatePublic(ks); + } catch (GeneralSecurityException e) { + throw new CertPathValidatorException("Unable to generate " + "key with inherited parameters: " + e.getMessage(), e); - } } } // reset the previous public key prevPubKey = currPubKey; - - // check the extended key usage, ignore the check now - // List<String> extendedKeyUsages = x509Cert.getExtendedKeyUsage(); - - // DO NOT remove any unresolved critical extensions } /** @@ -387,8 +424,10 @@ * * @param key the public key to verify the CRL signature * @param crl the target CRL + * @param variant is the Validator variants of the operation. A null value + * passed will set it to Validator.GENERIC. */ - static void check(PublicKey key, X509CRL crl) + static void check(PublicKey key, X509CRL crl, String variant) throws CertPathValidatorException { X509CRLImpl x509CRLImpl = null; @@ -399,28 +438,24 @@ } AlgorithmId algorithmId = x509CRLImpl.getSigAlgId(); - check(key, algorithmId); + check(key, algorithmId, variant); } /** * Check the signature algorithm with the specified public key. * * @param key the public key to verify the CRL signature - * @param crl the target CRL + * @param algorithmId signature algorithm Algorithm ID + * @param variant is the Validator variants of the operation. A null value + * passed will set it to Validator.GENERIC. */ - static void check(PublicKey key, AlgorithmId algorithmId) + static void check(PublicKey key, AlgorithmId algorithmId, String variant) throws CertPathValidatorException { String sigAlgName = algorithmId.getName(); AlgorithmParameters sigAlgParams = algorithmId.getParameters(); - if (!certPathDefaultConstraints.permits( - SIGNATURE_PRIMITIVE_SET, sigAlgName, key, sigAlgParams)) { - throw new CertPathValidatorException( - "Algorithm constraints check failed on signature algorithm: " + - sigAlgName + " is disabled", - null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); - } + certPathDefaultConstraints.permits(new ConstraintsParameters( + sigAlgName, sigAlgParams, key, variant)); } - }
--- a/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -33,6 +33,7 @@ import java.util.*; import sun.security.util.Debug; +import sun.security.validator.Validator; import static sun.security.x509.PKIXExtensions.*; import sun.security.x509.*; @@ -66,6 +67,20 @@ * an X509CRLSelector with certificateChecking set. */ public static Collection<X509CRL> getCRLs(X509CRLSelector selector, + boolean signFlag, PublicKey prevKey, String provider, + List<CertStore> certStores, boolean[] reasonsMask, + Set<TrustAnchor> trustAnchors, Date validity, String variant) + throws CertStoreException + { + return getCRLs(selector, signFlag, prevKey, null, provider, certStores, + reasonsMask, trustAnchors, validity, variant); + } + /** + * Return the X509CRLs matching this selector. The selector must be + * an X509CRLSelector with certificateChecking set. + */ + // Called by com.sun.deploy.security.RevocationChecker + public static Collection<X509CRL> getCRLs(X509CRLSelector selector, boolean signFlag, PublicKey prevKey, String provider, @@ -76,7 +91,7 @@ throws CertStoreException { return getCRLs(selector, signFlag, prevKey, null, provider, certStores, - reasonsMask, trustAnchors, validity); + reasonsMask, trustAnchors, validity, Validator.VAR_GENERIC); } /** @@ -91,7 +106,8 @@ List<CertStore> certStores, boolean[] reasonsMask, Set<TrustAnchor> trustAnchors, - Date validity) + Date validity, + String variant) throws CertStoreException { X509Certificate cert = selector.getCertificateChecking(); @@ -120,7 +136,7 @@ DistributionPoint point = t.next(); Collection<X509CRL> crls = getCRLs(selector, certImpl, point, reasonsMask, signFlag, prevKey, prevCert, provider, - certStores, trustAnchors, validity); + certStores, trustAnchors, validity, variant); results.addAll(crls); } if (debug != null) { @@ -145,7 +161,7 @@ X509CertImpl certImpl, DistributionPoint point, boolean[] reasonsMask, boolean signFlag, PublicKey prevKey, X509Certificate prevCert, String provider, List<CertStore> certStores, - Set<TrustAnchor> trustAnchors, Date validity) + Set<TrustAnchor> trustAnchors, Date validity, String variant) throws CertStoreException { // check for full name @@ -208,7 +224,7 @@ selector.setIssuerNames(null); if (selector.match(crl) && verifyCRL(certImpl, point, crl, reasonsMask, signFlag, prevKey, prevCert, provider, - trustAnchors, certStores, validity)) { + trustAnchors, certStores, validity, variant)) { crls.add(crl); } } catch (IOException | CRLException e) { @@ -317,7 +333,7 @@ X509CRL crl, boolean[] reasonsMask, boolean signFlag, PublicKey prevKey, X509Certificate prevCert, String provider, Set<TrustAnchor> trustAnchors, List<CertStore> certStores, - Date validity) throws CRLException, IOException { + Date validity, String variant) throws CRLException, IOException { if (debug != null) { debug.println("DistributionPointFetcher.verifyCRL: " + @@ -443,7 +459,7 @@ } if (indirectCRL) { if (pointCrlIssuers.size() != 1) { - // RFC 3280: there must be only 1 CRL issuer + // RFC 5280: there must be only 1 CRL issuer // name when relativeName is present if (debug != null) { debug.println("must only be one CRL " + @@ -664,7 +680,7 @@ // check the crl signature algorithm try { - AlgorithmChecker.check(prevKey, crl); + AlgorithmChecker.check(prevKey, crl, variant); } catch (CertPathValidatorException cpve) { if (debug != null) { debug.println("CRL signature algorithm check failed: " + cpve);
--- a/src/share/classes/sun/security/provider/certpath/OCSP.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/OCSP.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -35,6 +35,7 @@ import java.security.cert.CertPathValidatorException.BasicReason; import java.security.cert.CRLReason; import java.security.cert.Extension; +import java.security.cert.TrustAnchor; import java.security.cert.X509Certificate; import java.util.Arrays; import java.util.Collections; @@ -42,14 +43,14 @@ import java.util.List; import java.util.Map; -import static sun.security.provider.certpath.OCSPResponse.*; import sun.security.action.GetIntegerAction; import sun.security.util.Debug; -import sun.security.util.ObjectIdentifier; +import sun.security.validator.Validator; import sun.security.x509.AccessDescription; import sun.security.x509.AuthorityInfoAccessExtension; import sun.security.x509.GeneralName; import sun.security.x509.GeneralNameInterface; +import sun.security.x509.PKIXExtensions; import sun.security.x509.URIName; import sun.security.x509.X509CertImpl; @@ -65,9 +66,6 @@ */ public final class OCSP { - static final ObjectIdentifier NONCE_EXTENSION_OID = - ObjectIdentifier.newInternal(new int[]{ 1, 3, 6, 1, 5, 5, 7, 48, 1, 2}); - private static final Debug debug = Debug.getInstance("certpath"); private static final int DEFAULT_CONNECT_TIMEOUT = 15000; @@ -97,42 +95,6 @@ private OCSP() {} - /** - * Obtains the revocation status of a certificate using OCSP using the most - * common defaults. The OCSP responder URI is retrieved from the - * certificate's AIA extension. The OCSP responder certificate is assumed - * to be the issuer's certificate (or issued by the issuer CA). - * - * @param cert the certificate to be checked - * @param issuerCert the issuer certificate - * @return the RevocationStatus - * @throws IOException if there is an exception connecting to or - * communicating with the OCSP responder - * @throws CertPathValidatorException if an exception occurs while - * encoding the OCSP Request or validating the OCSP Response - */ - public static RevocationStatus check(X509Certificate cert, - X509Certificate issuerCert) - throws IOException, CertPathValidatorException { - CertId certId = null; - URI responderURI = null; - try { - X509CertImpl certImpl = X509CertImpl.toImpl(cert); - responderURI = getResponderURI(certImpl); - if (responderURI == null) { - throw new CertPathValidatorException - ("No OCSP Responder URI in certificate"); - } - certId = new CertId(issuerCert, certImpl.getSerialNumberObject()); - } catch (CertificateException | IOException e) { - throw new CertPathValidatorException - ("Exception while encoding OCSPRequest", e); - } - OCSPResponse ocspResponse = check(Collections.singletonList(certId), - responderURI, issuerCert, null, null, - Collections.<Extension>emptyList()); - return (RevocationStatus)ocspResponse.getSingleResponse(certId); - } /** * Obtains the revocation status of a certificate using OCSP. @@ -149,6 +111,8 @@ * @throws CertPathValidatorException if an exception occurs while * encoding the OCSP Request or validating the OCSP Response */ + + // Called by com.sun.deploy.security.TrustDecider public static RevocationStatus check(X509Certificate cert, X509Certificate issuerCert, URI responderURI, @@ -157,18 +121,27 @@ throws IOException, CertPathValidatorException { return check(cert, issuerCert, responderURI, responderCert, date, - Collections.<Extension>emptyList()); + Collections.<Extension>emptyList(), Validator.VAR_GENERIC); } - // Called by com.sun.deploy.security.TrustDecider + public static RevocationStatus check(X509Certificate cert, - X509Certificate issuerCert, - URI responderURI, - X509Certificate responderCert, - Date date, List<Extension> extensions) + X509Certificate issuerCert, URI responderURI, + X509Certificate responderCert, Date date, List<Extension> extensions, + String variant) throws IOException, CertPathValidatorException { - CertId certId = null; + return check(cert, responderURI, null, issuerCert, responderCert, date, + extensions, variant); + } + + public static RevocationStatus check(X509Certificate cert, + URI responderURI, TrustAnchor anchor, X509Certificate issuerCert, + X509Certificate responderCert, Date date, + List<Extension> extensions, String variant) + throws IOException, CertPathValidatorException + { + CertId certId; try { X509CertImpl certImpl = X509CertImpl.toImpl(cert); certId = new CertId(issuerCert, certImpl.getSerialNumberObject()); @@ -177,19 +150,23 @@ ("Exception while encoding OCSPRequest", e); } OCSPResponse ocspResponse = check(Collections.singletonList(certId), - responderURI, issuerCert, responderCert, date, extensions); + responderURI, new OCSPResponse.IssuerInfo(anchor, issuerCert), + responderCert, date, extensions, variant); return (RevocationStatus) ocspResponse.getSingleResponse(certId); } /** * Checks the revocation status of a list of certificates using OCSP. * - * @param certs the CertIds to be checked + * @param certIds the CertIds to be checked * @param responderURI the URI of the OCSP responder - * @param issuerCert the issuer's certificate + * @param issuerInfo the issuer's certificate and/or subject and public key * @param responderCert the OCSP responder's certificate * @param date the time the validity of the OCSP responder's certificate * should be checked against. If null, the current time is used. + * @param extensions zero or more OCSP extensions to be included in the + * request. If no extensions are requested, an empty {@code List} must + * be used. A {@code null} value is not allowed. * @return the OCSPResponse * @throws IOException if there is an exception connecting to or * communicating with the OCSP responder @@ -197,24 +174,59 @@ * encoding the OCSP Request or validating the OCSP Response */ static OCSPResponse check(List<CertId> certIds, URI responderURI, - X509Certificate issuerCert, + OCSPResponse.IssuerInfo issuerInfo, X509Certificate responderCert, Date date, - List<Extension> extensions) + List<Extension> extensions, String variant) throws IOException, CertPathValidatorException { - byte[] bytes = null; - OCSPRequest request = null; + byte[] nonce = null; + for (Extension ext : extensions) { + if (ext.getId().equals(PKIXExtensions.OCSPNonce_Id.toString())) { + nonce = ext.getValue(); + } + } + + OCSPResponse ocspResponse = null; try { - request = new OCSPRequest(certIds, extensions); - bytes = request.encodeBytes(); + byte[] response = getOCSPBytes(certIds, responderURI, extensions); + ocspResponse = new OCSPResponse(response); + + // verify the response + ocspResponse.verify(certIds, issuerInfo, responderCert, date, + nonce, variant); } catch (IOException ioe) { - throw new CertPathValidatorException - ("Exception while encoding OCSPRequest", ioe); + throw new CertPathValidatorException( + "Unable to determine revocation status due to network error", + ioe, null, -1, BasicReason.UNDETERMINED_REVOCATION_STATUS); } + return ocspResponse; + } + + + /** + * Send an OCSP request, then read and return the OCSP response bytes. + * + * @param certIds the CertIds to be checked + * @param responderURI the URI of the OCSP responder + * @param extensions zero or more OCSP extensions to be included in the + * request. If no extensions are requested, an empty {@code List} must + * be used. A {@code null} value is not allowed. + * + * @return the OCSP response bytes + * + * @throws IOException if there is an exception connecting to or + * communicating with the OCSP responder + */ + public static byte[] getOCSPBytes(List<CertId> certIds, URI responderURI, + List<Extension> extensions) throws IOException { + OCSPRequest request = new OCSPRequest(certIds, extensions); + byte[] bytes = request.encodeBytes(); + InputStream in = null; OutputStream out = null; byte[] response = null; + try { URL url = responderURI.toURL(); if (debug != null) { @@ -257,10 +269,6 @@ } } response = Arrays.copyOf(response, total); - } catch (IOException ioe) { - throw new CertPathValidatorException( - "Unable to determine revocation status due to network error", - ioe, null, -1, BasicReason.UNDETERMINED_REVOCATION_STATUS); } finally { if (in != null) { try { @@ -277,20 +285,7 @@ } } } - - OCSPResponse ocspResponse = null; - try { - ocspResponse = new OCSPResponse(response); - } catch (IOException ioe) { - // response decoding exception - throw new CertPathValidatorException(ioe); - } - - // verify the response - ocspResponse.verify(certIds, issuerCert, responderCert, date, - request.getNonce()); - - return ocspResponse; + return response; } /** @@ -322,7 +317,7 @@ List<AccessDescription> descriptions = aia.getAccessDescriptions(); for (AccessDescription description : descriptions) { - if (description.getAccessMethod().equals((Object) + if (description.getAccessMethod().equals( AccessDescription.Ad_OCSP_Id)) { GeneralName generalName = description.getAccessLocation();
--- a/src/share/classes/sun/security/provider/certpath/OCSPRequest.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/OCSPRequest.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,10 +32,11 @@ import sun.misc.HexDumpEncoder; import sun.security.util.*; +import sun.security.x509.PKIXExtensions; /** * This class can be used to generate an OCSP request and send it over - * an outputstream. Currently we do not support signing requests + * an output stream. Currently we do not support signing requests. * The OCSP Request is specified in RFC 2560 and * the ASN.1 definition is as follows: * <pre> @@ -118,7 +119,8 @@ DerOutputStream extOut = new DerOutputStream(); for (Extension ext : extensions) { ext.encode(extOut); - if (ext.getId().equals(OCSP.NONCE_EXTENSION_OID.toString())) { + if (ext.getId().equals( + PKIXExtensions.OCSPNonce_Id.toString())) { nonce = ext.getValue(); } }
--- a/src/share/classes/sun/security/provider/certpath/OCSPResponse.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/OCSPResponse.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -41,6 +41,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Set; import javax.security.auth.x500.X500Principal; import sun.misc.HexDumpEncoder; @@ -129,7 +130,7 @@ SIG_REQUIRED, // Must sign the request UNAUTHORIZED // Request unauthorized }; - private static ResponseStatus[] rsvalues = ResponseStatus.values(); + private static final ResponseStatus[] rsvalues = ResponseStatus.values(); private static final Debug debug = Debug.getInstance("certpath"); private static final boolean dump = debug != null && Debug.isOn("ocsp"); @@ -173,7 +174,7 @@ } // an array of all of the CRLReasons (used in SingleResponse) - private static CRLReason[] values = CRLReason.values(); + private static final CRLReason[] values = CRLReason.values(); private final ResponseStatus responseStatus; private final Map<CertId, SingleResponse> singleResponseMap; @@ -183,13 +184,16 @@ private final byte[] responseNonce; private List<X509CertImpl> certs; private X509CertImpl signerCert = null; - private X500Principal responderName = null; - private KeyIdentifier responderKeyId = null; + private final ResponderId respId; + private Date producedAtDate = null; + private final Map<String, java.security.cert.Extension> responseExtensions; /* * Create an OCSP response from its ASN.1 DER encoding. + * + * @param bytes The DER-encoded bytes for an OCSP response */ - OCSPResponse(byte[] bytes) throws IOException { + public OCSPResponse(byte[] bytes) throws IOException { if (dump) { HexDumpEncoder hexEnc = new HexDumpEncoder(); debug.println("OCSPResponse bytes...\n\n" + @@ -221,6 +225,8 @@ signature = null; tbsResponseData = null; responseNonce = null; + responseExtensions = Collections.emptyMap(); + respId = null; return; } @@ -289,27 +295,15 @@ } // responderID - short tag = (byte)(seq.tag & 0x1f); - if (tag == NAME_TAG) { - responderName = new X500Principal(seq.getData().toByteArray()); - if (debug != null) { - debug.println("Responder's name: " + responderName); - } - } else if (tag == KEY_TAG) { - responderKeyId = new KeyIdentifier(seq.getData().getOctetString()); - if (debug != null) { - debug.println("Responder's key ID: " + - Debug.toString(responderKeyId.getIdentifier())); - } - } else { - throw new IOException("Bad encoding in responderID element of " + - "OCSP response: expected ASN.1 context specific tag 0 or 1"); + respId = new ResponderId(seq.toByteArray()); + if (debug != null) { + debug.println("Responder ID: " + respId); } // producedAt seq = seqDerIn.getDerValue(); + producedAtDate = seq.getGeneralizedTime(); if (debug != null) { - Date producedAtDate = seq.getGeneralizedTime(); debug.println("OCSP response produced at: " + producedAtDate); } @@ -320,37 +314,29 @@ debug.println("OCSP number of SingleResponses: " + singleResponseDer.length); } - for (int i = 0; i < singleResponseDer.length; i++) { - SingleResponse singleResponse = - new SingleResponse(singleResponseDer[i]); + for (DerValue srDer : singleResponseDer) { + SingleResponse singleResponse = new SingleResponse(srDer); singleResponseMap.put(singleResponse.getCertId(), singleResponse); } // responseExtensions - byte[] nonce = null; + Map<String, java.security.cert.Extension> tmpExtMap = new HashMap<>(); if (seqDerIn.available() > 0) { seq = seqDerIn.getDerValue(); if (seq.isContextSpecific((byte)1)) { - DerValue[] responseExtDer = seq.data.getSequence(3); - for (int i = 0; i < responseExtDer.length; i++) { - Extension ext = new Extension(responseExtDer[i]); - if (debug != null) { - debug.println("OCSP extension: " + ext); - } - // Only the NONCE extension is recognized - if (ext.getExtensionId().equals((Object) - OCSP.NONCE_EXTENSION_OID)) - { - nonce = ext.getExtensionValue(); - } else if (ext.isCritical()) { - throw new IOException( - "Unsupported OCSP critical extension: " + - ext.getExtensionId()); - } - } + tmpExtMap = parseExtensions(seq); } } - responseNonce = nonce; + responseExtensions = tmpExtMap; + + // Attach the nonce value if found in the extension map + Extension nonceExt = (Extension)tmpExtMap.get( + PKIXExtensions.OCSPNonce_Id.toString()); + responseNonce = (nonceExt != null) ? + nonceExt.getExtensionValue() : null; + if (debug != null && responseNonce != null) { + debug.println("Response nonce: " + Arrays.toString(responseNonce)); + } // signatureAlgorithmId sigAlgId = AlgorithmId.parse(seqTmp[1]); @@ -387,8 +373,9 @@ } } - void verify(List<CertId> certIds, X509Certificate issuerCert, - X509Certificate responderCert, Date date, byte[] nonce) + void verify(List<CertId> certIds, IssuerInfo issuerInfo, + X509Certificate responderCert, Date date, byte[] nonce, + String variant) throws CertPathValidatorException { switch (responseStatus) { @@ -428,7 +415,9 @@ // Add the Issuing CA cert and/or Trusted Responder cert to the list // of certs from the OCSP response try { - certs.add(X509CertImpl.toImpl(issuerCert)); + if (issuerInfo.getCertificate() != null) { + certs.add(X509CertImpl.toImpl(issuerInfo.getCertificate())); + } if (responderCert != null) { certs.add(X509CertImpl.toImpl(responderCert)); } @@ -437,20 +426,22 @@ "Invalid issuer or trusted responder certificate", ce); } - if (responderName != null) { + if (respId.getType() == ResponderId.Type.BY_NAME) { + X500Principal rName = respId.getResponderName(); for (X509CertImpl cert : certs) { - if (cert.getSubjectX500Principal().equals(responderName)) { + if (cert.getSubjectX500Principal().equals(rName)) { signerCert = cert; break; } } - } else if (responderKeyId != null) { + } else if (respId.getType() == ResponderId.Type.BY_KEY) { + KeyIdentifier ridKeyId = respId.getKeyIdentifier(); for (X509CertImpl cert : certs) { // Match responder's key identifier against the cert's SKID // This will match if the SKID is encoded using the 160-bit // SHA-1 hash method as defined in RFC 5280. KeyIdentifier certKeyId = cert.getSubjectKeyId(); - if (certKeyId != null && responderKeyId.equals(certKeyId)) { + if (certKeyId != null && ridKeyId.equals(certKeyId)) { signerCert = cert; break; } else { @@ -464,7 +455,7 @@ } catch (IOException e) { // ignore } - if (responderKeyId.equals(certKeyId)) { + if (ridKeyId.equals(certKeyId)) { signerCert = cert; break; } @@ -476,7 +467,10 @@ // Check whether the signer cert returned by the responder is trusted if (signerCert != null) { // Check if the response is signed by the issuing CA - if (signerCert.equals(issuerCert)) { + if (signerCert.getSubjectX500Principal().equals( + issuerInfo.getName()) && + signerCert.getPublicKey().equals( + issuerInfo.getPublicKey())) { if (debug != null) { debug.println("OCSP response is signed by the target's " + "Issuing CA"); @@ -493,7 +487,7 @@ // Check if the response is signed by an authorized responder } else if (signerCert.getIssuerX500Principal().equals( - issuerCert.getSubjectX500Principal())) { + issuerInfo.getName())) { // Check for the OCSPSigning key purpose try { @@ -513,8 +507,9 @@ // Check algorithm constraints specified in security property // "jdk.certpath.disabledAlgorithms". - AlgorithmChecker algChecker = new AlgorithmChecker( - new TrustAnchor(issuerCert, null)); + AlgorithmChecker algChecker = + new AlgorithmChecker(issuerInfo.getAnchor(), date, + variant); algChecker.init(false); algChecker.check(signerCert, Collections.<String>emptySet()); @@ -552,7 +547,7 @@ // verify the signature try { - signerCert.verify(issuerCert.getPublicKey()); + signerCert.verify(issuerInfo.getPublicKey()); if (debug != null) { debug.println("OCSP response is signed by an " + "Authorized Responder"); @@ -574,7 +569,7 @@ if (signerCert != null) { // Check algorithm constraints specified in security property // "jdk.certpath.disabledAlgorithms". - AlgorithmChecker.check(signerCert.getPublicKey(), sigAlgId); + AlgorithmChecker.check(signerCert.getPublicKey(), sigAlgId, variant); if (!verifySignature(signerCert)) { throw new CertPathValidatorException( @@ -593,7 +588,6 @@ } // Check freshness of OCSPResponse - long now = (date == null) ? System.currentTimeMillis() : date.getTime(); Date nowPlusSkew = new Date(now + MAX_CLOCK_SKEW); Date nowMinusSkew = new Date(now - MAX_CLOCK_SKEW); @@ -604,16 +598,16 @@ until = " until " + sr.nextUpdate; } debug.println("OCSP response validity interval is from " + - sr.thisUpdate + until); + sr.thisUpdate + until); debug.println("Checking validity of OCSP response on: " + - new Date(now)); + new Date(now)); } // Check that the test date is within the validity interval: // [ thisUpdate - MAX_CLOCK_SKEW, // MAX(thisUpdate, nextUpdate) + MAX_CLOCK_SKEW ] if (nowPlusSkew.before(sr.thisUpdate) || - nowMinusSkew.after( + nowMinusSkew.after( sr.nextUpdate != null ? sr.nextUpdate : sr.thisUpdate)) { throw new CertPathValidatorException( @@ -625,8 +619,10 @@ /** * Returns the OCSP ResponseStatus. + * + * @return the {@code ResponseStatus} for this OCSP response */ - ResponseStatus getResponseStatus() { + public ResponseStatus getResponseStatus() { return responseStatus; } @@ -664,11 +660,27 @@ /** * Returns the SingleResponse of the specified CertId, or null if * there is no response for that CertId. + * + * @param certId the {@code CertId} for a {@code SingleResponse} to be + * searched for in the OCSP response. + * + * @return the {@code SingleResponse} for the provided {@code CertId}, + * or {@code null} if it is not found. */ - SingleResponse getSingleResponse(CertId certId) { + public SingleResponse getSingleResponse(CertId certId) { return singleResponseMap.get(certId); } + /** + * Return a set of all CertIds in this {@code OCSPResponse} + * + * @return an unmodifiable set containing every {@code CertId} in this + * response. + */ + public Set<CertId> getCertIds() { + return Collections.unmodifiableSet(singleResponseMap.keySet()); + } + /* * Returns the certificate for the authority that signed the OCSP response. */ @@ -676,10 +688,86 @@ return signerCert; // set in verify() } + /** + * Get the {@code ResponderId} from this {@code OCSPResponse} + * + * @return the {@code ResponderId} from this response or {@code null} + * if no responder ID is in the body of the response (e.g. a + * response with a status other than SUCCESS. + */ + public ResponderId getResponderId() { + return respId; + } + + /** + * Provide a String representation of an OCSPResponse + * + * @return a human-readable representation of the OCSPResponse + */ + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("OCSP Response:\n"); + sb.append("Response Status: ").append(responseStatus).append("\n"); + sb.append("Responder ID: ").append(respId).append("\n"); + sb.append("Produced at: ").append(producedAtDate).append("\n"); + int count = singleResponseMap.size(); + sb.append(count).append(count == 1 ? + " response:\n" : " responses:\n"); + for (SingleResponse sr : singleResponseMap.values()) { + sb.append(sr).append("\n"); + } + if (responseExtensions != null && responseExtensions.size() > 0) { + count = responseExtensions.size(); + sb.append(count).append(count == 1 ? + " extension:\n" : " extensions:\n"); + for (String extId : responseExtensions.keySet()) { + sb.append(responseExtensions.get(extId)).append("\n"); + } + } + + return sb.toString(); + } + + /** + * Build a String-Extension map from DER encoded data. + * @param derVal A {@code DerValue} object built from a SEQUENCE of + * extensions + * + * @return a {@code Map} using the OID in string form as the keys. If no + * extensions are found or an empty SEQUENCE is passed in, then + * an empty {@code Map} will be returned. + * + * @throws IOException if any decoding errors occur. + */ + private static Map<String, java.security.cert.Extension> + parseExtensions(DerValue derVal) throws IOException { + DerValue[] extDer = derVal.data.getSequence(3); + Map<String, java.security.cert.Extension> extMap = + new HashMap<>(extDer.length); + + for (DerValue extDerVal : extDer) { + Extension ext = new Extension(extDerVal); + if (debug != null) { + debug.println("Extension: " + ext); + } + // We don't support any extensions yet. Therefore, if it + // is critical we must throw an exception because we + // don't know how to process it. + if (ext.isCritical()) { + throw new IOException("Unsupported OCSP critical extension: " + + ext.getExtensionId()); + } + extMap.put(ext.getId(), ext); + } + + return extMap; + } + /* * A class representing a single OCSP response. */ - final static class SingleResponse implements OCSP.RevocationStatus { + public static final class SingleResponse implements OCSP.RevocationStatus { private final CertId certId; private final CertStatus certStatus; private final Date thisUpdate; @@ -724,7 +812,7 @@ } } else { revocationTime = null; - revocationReason = CRLReason.UNSPECIFIED; + revocationReason = null; if (tag == CERT_STATUS_GOOD) { certStatus = CertStatus.GOOD; } else if (tag == CERT_STATUS_UNKNOWN) { @@ -735,77 +823,131 @@ } thisUpdate = tmp.getGeneralizedTime(); - - if (tmp.available() == 0) { - // we are done - nextUpdate = null; - } else { - derVal = tmp.getDerValue(); - tag = (byte)(derVal.tag & 0x1f); - if (tag == 0) { - // next update - nextUpdate = derVal.data.getGeneralizedTime(); + if (debug != null) { + debug.println("thisUpdate: " + thisUpdate); + } - if (tmp.available() == 0) { - // we are done - } else { - derVal = tmp.getDerValue(); - tag = (byte)(derVal.tag & 0x1f); - } - } else { - nextUpdate = null; - } - } - // singleExtensions + // Parse optional fields like nextUpdate and singleExtensions + Date tmpNextUpdate = null; + Map<String, java.security.cert.Extension> tmpMap = null; + + // Check for the first optional item, it could be nextUpdate + // [CONTEXT 0] or singleExtensions [CONTEXT 1] if (tmp.available() > 0) { derVal = tmp.getDerValue(); - if (derVal.isContextSpecific((byte)1)) { - DerValue[] singleExtDer = derVal.data.getSequence(3); - singleExtensions = - new HashMap<String, java.security.cert.Extension> - (singleExtDer.length); - for (int i = 0; i < singleExtDer.length; i++) { - Extension ext = new Extension(singleExtDer[i]); - if (debug != null) { - debug.println("OCSP single extension: " + ext); + + // nextUpdate processing + if (derVal.isContextSpecific((byte)0)) { + tmpNextUpdate = derVal.data.getGeneralizedTime(); + if (debug != null) { + debug.println("nextUpdate: " + tmpNextUpdate); + } + + // If more data exists in the singleResponse, it + // can only be singleExtensions. Get this DER value + // for processing in the next block + derVal = tmp.available() > 0 ? tmp.getDerValue() : null; + } + + // singleExtensions processing + if (derVal != null) { + if (derVal.isContextSpecific((byte)1)) { + tmpMap = parseExtensions(derVal); + + // There should not be any other items in the + // singleResponse at this point. + if (tmp.available() > 0) { + throw new IOException(tmp.available() + + " bytes of additional data in singleResponse"); } - // We don't support any extensions yet. Therefore, if it - // is critical we must throw an exception because we - // don't know how to process it. - if (ext.isCritical()) { - throw new IOException( - "Unsupported OCSP critical extension: " + - ext.getExtensionId()); - } - singleExtensions.put(ext.getId(), ext); + } else { + // Unknown item in the singleResponse + throw new IOException("Unsupported singleResponse " + + "item, tag = " + String.format("%02X", derVal.tag)); } - } else { - singleExtensions = Collections.emptyMap(); } - } else { - singleExtensions = Collections.emptyMap(); + } + + nextUpdate = tmpNextUpdate; + singleExtensions = (tmpMap != null) ? tmpMap : + Collections.emptyMap(); + if (debug != null) { + for (java.security.cert.Extension ext : + singleExtensions.values()) { + debug.println("singleExtension: " + ext); + } } } /* * Return the certificate's revocation status code */ - @Override public CertStatus getCertStatus() { + @Override + public CertStatus getCertStatus() { return certStatus; } - private CertId getCertId() { + /** + * Get the Cert ID that this SingleResponse is for. + * + * @return the {@code CertId} for this {@code SingleResponse} + */ + public CertId getCertId() { return certId; } - @Override public Date getRevocationTime() { - return (Date) revocationTime.clone(); + /** + * Get the {@code thisUpdate} field from this {@code SingleResponse}. + * + * @return a {@link Date} object containing the thisUpdate date + */ + public Date getThisUpdate() { + return (thisUpdate != null ? (Date) thisUpdate.clone() : null); + } + + /** + * Get the {@code nextUpdate} field from this {@code SingleResponse}. + * + * @return a {@link Date} object containing the nexUpdate date or + * {@code null} if a nextUpdate field is not present in the response. + */ + public Date getNextUpdate() { + return (nextUpdate != null ? (Date) nextUpdate.clone() : null); } - @Override public CRLReason getRevocationReason() { + /** + * Get the {@code revocationTime} field from this + * {@code SingleResponse}. + * + * @return a {@link Date} object containing the revocationTime date or + * {@code null} if the {@code SingleResponse} does not have a status + * of {@code REVOKED}. + */ + @Override + public Date getRevocationTime() { + return (revocationTime != null ? (Date) revocationTime.clone() : + null); + } + + /** + * Get the {@code revocationReason} field for the + * {@code SingleResponse}. + * + * @return a {@link CRLReason} containing the revocation reason, or + * {@code null} if a revocation reason was not provided or the + * response status is not {@code REVOKED}. + */ + @Override + public CRLReason getRevocationReason() { return revocationReason; } + /** + * Get the {@code singleExtensions} for this {@code SingleResponse}. + * + * @return a {@link Map} of {@link Extension} objects, keyed by + * their OID value in string form. + */ @Override public Map<String, java.security.cert.Extension> getSingleExtensions() { return Collections.unmodifiableMap(singleExtensions); @@ -816,18 +958,117 @@ */ @Override public String toString() { StringBuilder sb = new StringBuilder(); - sb.append("SingleResponse: \n"); + sb.append("SingleResponse:\n"); sb.append(certId); - sb.append("\nCertStatus: "+ certStatus + "\n"); + sb.append("\nCertStatus: ").append(certStatus).append("\n"); if (certStatus == CertStatus.REVOKED) { - sb.append("revocationTime is " + revocationTime + "\n"); - sb.append("revocationReason is " + revocationReason + "\n"); + sb.append("revocationTime is "); + sb.append(revocationTime).append("\n"); + sb.append("revocationReason is "); + sb.append(revocationReason).append("\n"); } - sb.append("thisUpdate is " + thisUpdate + "\n"); + sb.append("thisUpdate is ").append(thisUpdate).append("\n"); if (nextUpdate != null) { - sb.append("nextUpdate is " + nextUpdate + "\n"); + sb.append("nextUpdate is ").append(nextUpdate).append("\n"); + } + for (java.security.cert.Extension ext : singleExtensions.values()) { + sb.append("singleExtension: "); + sb.append(ext.toString()).append("\n"); } return sb.toString(); } } + + /** + * Helper class that allows consumers to pass in issuer information. This + * will always consist of the issuer's name and public key, but may also + * contain a certificate if the originating data is in that form. The + * trust anchor for the certificate chain will be included for certpath + * disabled algorithm checking. + */ + static final class IssuerInfo { + private final TrustAnchor anchor; + private final X509Certificate certificate; + private final X500Principal name; + private final PublicKey pubKey; + + IssuerInfo(TrustAnchor anchor) { + this(anchor, (anchor != null) ? anchor.getTrustedCert() : null); + } + + IssuerInfo(X509Certificate issuerCert) { + this(null, issuerCert); + } + + IssuerInfo(TrustAnchor anchor, X509Certificate issuerCert) { + if (anchor == null && issuerCert == null) { + throw new NullPointerException("TrustAnchor and issuerCert " + + "cannot be null"); + } + this.anchor = anchor; + if (issuerCert != null) { + name = issuerCert.getSubjectX500Principal(); + pubKey = issuerCert.getPublicKey(); + certificate = issuerCert; + } else { + name = anchor.getCA(); + pubKey = anchor.getCAPublicKey(); + certificate = anchor.getTrustedCert(); + } + } + + /** + * Get the certificate in this IssuerInfo if present. + * + * @return the {@code X509Certificate} used to create this IssuerInfo + * object, or {@code null} if a certificate was not used in its + * creation. + */ + X509Certificate getCertificate() { + return certificate; + } + + /** + * Get the name of this issuer. + * + * @return an {@code X500Principal} corresponding to this issuer's + * name. If derived from an issuer's {@code X509Certificate} this + * would be equivalent to the certificate subject name. + */ + X500Principal getName() { + return name; + } + + /** + * Get the public key for this issuer. + * + * @return a {@code PublicKey} for this issuer. + */ + PublicKey getPublicKey() { + return pubKey; + } + + /** + * Get the TrustAnchor for the certificate chain. + * + * @return a {@code TrustAnchor}. + */ + TrustAnchor getAnchor() { + return anchor; + } + + /** + * Create a string representation of this IssuerInfo. + * + * @return a {@code String} form of this IssuerInfo object. + */ + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("Issuer Info:\n"); + sb.append("Name: ").append(name.toString()).append("\n"); + sb.append("Public Key:\n").append(pubKey.toString()).append("\n"); + return sb.toString(); + } + } }
--- a/src/share/classes/sun/security/provider/certpath/PKIX.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/PKIX.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,7 @@ import java.security.InvalidAlgorithmParameterException; import java.security.PublicKey; +import java.security.Timestamp; import java.security.cert.*; import java.security.interfaces.DSAPublicKey; import java.util.*; @@ -85,6 +86,8 @@ private CertSelector constraints; private Set<TrustAnchor> anchors; private List<X509Certificate> certs; + private Timestamp timestamp; + private String variant; ValidatorParams(CertPath cp, PKIXParameters params) throws InvalidAlgorithmParameterException @@ -100,6 +103,11 @@ ValidatorParams(PKIXParameters params) throws InvalidAlgorithmParameterException { + if (params instanceof PKIXExtendedParameters) { + timestamp = ((PKIXExtendedParameters) params).getTimestamp(); + variant = ((PKIXExtendedParameters) params).getVariant(); + } + this.anchors = params.getTrustAnchors(); // Make sure that none of the trust anchors include name constraints // (not supported). @@ -189,6 +197,14 @@ PKIXParameters getPKIXParameters() { return params; } + + Timestamp timestamp() { + return timestamp; + } + + String variant() { + return variant; + } } static class BuilderParams extends ValidatorParams {
--- a/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -172,7 +172,8 @@ List<PKIXCertPathChecker> certPathCheckers = new ArrayList<>(); // add standard checkers that we will be using certPathCheckers.add(untrustedChecker); - certPathCheckers.add(new AlgorithmChecker(anchor)); + certPathCheckers.add(new AlgorithmChecker(anchor, null, params.date(), + params.timestamp(), params.variant())); certPathCheckers.add(new KeyChecker(certPathLen, params.targetCertConstraints())); certPathCheckers.add(new ConstraintsChecker(certPathLen)); @@ -189,8 +190,11 @@ rootNode); certPathCheckers.add(pc); // default value for date is current time - BasicChecker bc = new BasicChecker(anchor, params.date(), - params.sigProvider(), false); + BasicChecker bc; + bc = new BasicChecker(anchor, + (params.timestamp() == null ? params.date() : + params.timestamp().getTimestamp()), + params.sigProvider(), false); certPathCheckers.add(bc); boolean revCheckerAdded = false;
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/security/provider/certpath/PKIXExtendedParameters.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,226 @@ +/* + * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + + +package sun.security.provider.certpath; + +import java.security.InvalidAlgorithmParameterException; +import java.security.Timestamp; +import java.security.cert.CertSelector; +import java.security.cert.CertStore; +import java.security.cert.PKIXBuilderParameters; +import java.security.cert.PKIXCertPathChecker; +import java.security.cert.TrustAnchor; +import java.util.Date; +import java.util.List; +import java.util.Set; + +/** + * This class is a wrapper for PKIXBuilderParameters so that a Timestamp object + * and a string for the variant type, can be passed when doing certpath + * checking. + */ + +public class PKIXExtendedParameters extends PKIXBuilderParameters { + + private final PKIXBuilderParameters p; + private Timestamp jarTimestamp; + private final String variant; + + public PKIXExtendedParameters(PKIXBuilderParameters params, + Timestamp timestamp, String variant) + throws InvalidAlgorithmParameterException { + super(params.getTrustAnchors(), null); + p = params; + jarTimestamp = timestamp; + this.variant = variant; + } + + public Timestamp getTimestamp() { + return jarTimestamp; + } + public void setTimestamp(Timestamp t) { + jarTimestamp = t; + } + + public String getVariant() { + return variant; + } + + @Override + public void setDate(Date d) { + p.setDate(d); + } + + @Override + public void addCertPathChecker(PKIXCertPathChecker c) { + p.addCertPathChecker(c); + } + + @Override + public void setMaxPathLength(int maxPathLength) { + p.setMaxPathLength(maxPathLength); + } + + @Override + public int getMaxPathLength() { + return p.getMaxPathLength(); + } + + @Override + public String toString() { + return p.toString(); + } + + @Override + public Set<TrustAnchor> getTrustAnchors() { + return p.getTrustAnchors(); + } + + @Override + public void setTrustAnchors(Set<TrustAnchor> trustAnchors) + throws InvalidAlgorithmParameterException { + // To avoid problems with PKIXBuilderParameter's constructors + if (p == null) { + return; + } + p.setTrustAnchors(trustAnchors); + } + + @Override + public Set<String> getInitialPolicies() { + return p.getInitialPolicies(); + } + + @Override + public void setInitialPolicies(Set<String> initialPolicies) { + p.setInitialPolicies(initialPolicies); + } + + @Override + public void setCertStores(List<CertStore> stores) { + p.setCertStores(stores); + } + + @Override + public void addCertStore(CertStore store) { + p.addCertStore(store); + } + + @Override + public List<CertStore> getCertStores() { + return p.getCertStores(); + } + + @Override + public void setRevocationEnabled(boolean val) { + p.setRevocationEnabled(val); + } + + @Override + public boolean isRevocationEnabled() { + return p.isRevocationEnabled(); + } + + @Override + public void setExplicitPolicyRequired(boolean val) { + p.setExplicitPolicyRequired(val); + } + + @Override + public boolean isExplicitPolicyRequired() { + return p.isExplicitPolicyRequired(); + } + + @Override + public void setPolicyMappingInhibited(boolean val) { + p.setPolicyMappingInhibited(val); + } + + @Override + public boolean isPolicyMappingInhibited() { + return p.isPolicyMappingInhibited(); + } + + @Override + public void setAnyPolicyInhibited(boolean val) { + p.setAnyPolicyInhibited(val); + } + + @Override + public boolean isAnyPolicyInhibited() { + return p.isAnyPolicyInhibited(); + } + + @Override + public void setPolicyQualifiersRejected(boolean qualifiersRejected) { + p.setPolicyQualifiersRejected(qualifiersRejected); + } + + @Override + public boolean getPolicyQualifiersRejected() { + return p.getPolicyQualifiersRejected(); + } + + @Override + public Date getDate() { + return p.getDate(); + } + + @Override + public void setCertPathCheckers(List<PKIXCertPathChecker> checkers) { + p.setCertPathCheckers(checkers); + } + + @Override + public List<PKIXCertPathChecker> getCertPathCheckers() { + return p.getCertPathCheckers(); + } + + @Override + public String getSigProvider() { + return p.getSigProvider(); + } + + @Override + public void setSigProvider(String sigProvider) { + p.setSigProvider(sigProvider); + } + + @Override + public CertSelector getTargetCertConstraints() { + return p.getTargetCertConstraints(); + } + + @Override + public void setTargetCertConstraints(CertSelector selector) { + // To avoid problems with PKIXBuilderParameter's constructors + if (p == null) { + return; + } + p.setTargetCertConstraints(selector); + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/security/provider/certpath/ResponderId.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,315 @@ +/* + * Copyright (c) 2015, 2017 Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.security.provider.certpath; + +import java.util.Arrays; +import java.io.IOException; +import java.security.PublicKey; +import javax.security.auth.x500.X500Principal; +import sun.security.x509.KeyIdentifier; +import sun.security.util.DerValue; + +/** + * Class for ResponderId entities as described in RFC6960. ResponderId objects + * are used to uniquely identify OCSP responders. + * <p> + * The RFC 6960 defines a ResponderID structure as: + * <pre> + * ResponderID ::= CHOICE { + * byName [1] Name, + * byKey [2] KeyHash } + * + * KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key + * (excluding the tag and length fields) + * + * Name is defined in RFC 5280. + * </pre> + * + * @see ResponderId.Type + * @since 9 + */ +public final class ResponderId { + + /** + * A {@code ResponderId} enumeration describing the accepted forms for a + * {@code ResponderId}. + * + * @see ResponderId + * @since 9 + */ + public static enum Type { + /** + * A BY_NAME {@code ResponderId} will be built from a subject name, + * either as an {@code X500Principal} or a DER-encoded byte array. + */ + BY_NAME(1, "byName"), + + /** + * A BY_KEY {@code ResponderId} will be built from a public key + * identifier, either derived from a {@code PublicKey} or directly + * from a DER-encoded byte array containing the key identifier. + */ + BY_KEY(2, "byKey"); + + private final int tagNumber; + private final String ridTypeName; + + private Type(int value, String name) { + this.tagNumber = value; + this.ridTypeName = name; + } + + public int value() { + return tagNumber; + } + + @Override + public String toString() { + return ridTypeName; + } + } + + private Type type; + private X500Principal responderName; + private KeyIdentifier responderKeyId; + private byte[] encodedRid; + + /** + * Constructs a {@code ResponderId} object using an {@code X500Principal}. + * When encoded in DER this object will use the BY_NAME option. + * + * @param subjectName the subject name of the certificate used + * to sign OCSP responses. + * + * @throws IOException if the internal DER-encoding of the + * {@code X500Principal} fails. + */ + public ResponderId(X500Principal subjectName) throws IOException { + responderName = subjectName; + responderKeyId = null; + encodedRid = principalToBytes(); + type = Type.BY_NAME; + } + + /** + * Constructs a {@code ResponderId} object using a {@code PublicKey}. + * When encoded in DER this object will use the byKey option, a + * SHA-1 hash of the responder's public key. + * + * @param pubKey the the OCSP responder's public key + * + * @throws IOException if the internal DER-encoding of the + * {@code KeyIdentifier} fails. + */ + public ResponderId(PublicKey pubKey) throws IOException { + responderKeyId = new KeyIdentifier(pubKey); + responderName = null; + encodedRid = keyIdToBytes(); + type = Type.BY_KEY; + } + + /** + * Constructs a {@code ResponderId} object from its DER-encoding. + * + * @param encodedData the DER-encoded bytes + * + * @throws IOException if the encodedData is not properly DER encoded + */ + public ResponderId(byte[] encodedData) throws IOException { + DerValue outer = new DerValue(encodedData); + + if (outer.isContextSpecific((byte)Type.BY_NAME.value()) + && outer.isConstructed()) { + // Use the X500Principal constructor as a way to sanity + // check the incoming data. + responderName = new X500Principal(outer.getDataBytes()); + encodedRid = principalToBytes(); + type = Type.BY_NAME; + } else if (outer.isContextSpecific((byte)Type.BY_KEY.value()) + && outer.isConstructed()) { + // Use the KeyIdentifier constructor as a way to sanity + // check the incoming data. + responderKeyId = + new KeyIdentifier(new DerValue(outer.getDataBytes())); + encodedRid = keyIdToBytes(); + type = Type.BY_KEY; + } else { + throw new IOException("Invalid ResponderId content"); + } + } + + /** + * Encode a {@code ResponderId} in DER form + * + * @return a byte array containing the DER-encoded representation for this + * {@code ResponderId} + */ + public byte[] getEncoded() { + return encodedRid.clone(); + } + + /** + * Return the type of {@ResponderId} + * + * @return a number corresponding to the context-specific tag number + * used in the DER-encoding for a {@code ResponderId} + */ + public ResponderId.Type getType() { + return type; + } + + /** + * Get the length of the encoded {@code ResponderId} (including the tag and + * length of the explicit tagging from the outer ASN.1 CHOICE). + * + * @return the length of the encoded {@code ResponderId} + */ + public int length() { + return encodedRid.length; + } + + /** + * Obtain the underlying {@code X500Principal} from a {@code ResponderId} + * + * @return the {@code X500Principal} for this {@code ResponderId} if it + * is a BY_NAME variant. If the {@code ResponderId} is a BY_KEY + * variant, this routine will return {@code null}. + */ + public X500Principal getResponderName() { + return responderName; + } + + /** + * Obtain the underlying key identifier from a {@code ResponderId} + * + * @return the {@code KeyIdentifier} for this {@code ResponderId} if it + * is a BY_KEY variant. If the {@code ResponderId} is a BY_NAME + * variant, this routine will return {@code null}. + */ + public KeyIdentifier getKeyIdentifier() { + return responderKeyId; + } + + /** + * Compares the specified object with this {@code ResponderId} for equality. + * A ResponderId will only be considered equivalent if both the type and + * data value are equal. Two ResponderIds initialized by name and + * key ID, respectively, will not be equal even if the + * ResponderId objects are created from the same source certificate. + * + * @param obj the object to be compared against + * + * @return true if the specified object is equal to this {@code Responderid} + */ + @Override + public boolean equals(Object obj) { + if (obj == null) { + return false; + } + + if (this == obj) { + return true; + } + + if (obj instanceof ResponderId) { + ResponderId respObj = (ResponderId)obj; + return Arrays.equals(encodedRid, respObj.getEncoded()); + } + + return false; + } + + /** + * Returns the hash code value for this {@code ResponderId} + * + * @return the hash code value for this {@code ResponderId} + */ + @Override + public int hashCode() { + return Arrays.hashCode(encodedRid); + } + + /** + * Create a String representation of this {@code ResponderId} + * + * @return a String representation of this {@code ResponderId} + */ + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + switch (type) { + case BY_NAME: + sb.append(type).append(": ").append(responderName); + break; + case BY_KEY: + sb.append(type).append(": "); + for (byte keyIdByte : responderKeyId.getIdentifier()) { + sb.append(String.format("%02X", keyIdByte)); + } + break; + default: + sb.append("Unknown ResponderId Type: ").append(type); + } + return sb.toString(); + } + + /** + * Convert the responderName data member into its DER-encoded form + * + * @return the DER encoding for a responder ID byName option, including + * explicit context-specific tagging. + * + * @throws IOException if any encoding error occurs + */ + private byte[] principalToBytes() throws IOException { + DerValue dv = new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte)Type.BY_NAME.value()), + responderName.getEncoded()); + return dv.toByteArray(); + } + + /** + * Convert the responderKeyId data member into its DER-encoded form + * + * @return the DER encoding for a responder ID byKey option, including + * explicit context-specific tagging. + * + * @throws IOException if any encoding error occurs + */ + private byte[] keyIdToBytes() throws IOException { + // Place the KeyIdentifier bytes into an OCTET STRING + DerValue inner = new DerValue(DerValue.tag_OctetString, + responderKeyId.getIdentifier()); + + // Mark the OCTET STRING-wrapped KeyIdentifier bytes + // as EXPLICIT CONTEXT 2 + DerValue outer = new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte)Type.BY_KEY.value()), inner.toByteArray()); + + return outer.toByteArray(); + } + +}
--- a/src/share/classes/sun/security/provider/certpath/RevocationChecker.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/RevocationChecker.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -43,7 +43,6 @@ import static sun.security.provider.certpath.OCSP.*; import static sun.security.provider.certpath.PKIX.*; -import sun.security.action.GetPropertyAction; import sun.security.x509.*; import static sun.security.x509.PKIXExtensions.*; import sun.security.util.Debug; @@ -62,12 +61,12 @@ private List<CertStore> certStores; private Map<X509Certificate, byte[]> ocspResponses; private List<Extension> ocspExtensions; - private boolean legacy; + private final boolean legacy; private LinkedList<CertPathValidatorException> softFailExceptions = new LinkedList<>(); // state variables - private X509Certificate issuerCert; + private OCSPResponse.IssuerInfo issuerInfo; private PublicKey prevPubKey; private boolean crlSignFlag; private int certIndex; @@ -302,9 +301,9 @@ CertPathValidatorException("forward checking not supported"); } if (anchor != null) { - issuerCert = anchor.getTrustedCert(); - prevPubKey = (issuerCert != null) ? issuerCert.getPublicKey() - : anchor.getCAPublicKey(); + issuerInfo = new OCSPResponse.IssuerInfo(anchor); + prevPubKey = issuerInfo.getPublicKey(); + } crlSignFlag = true; if (params != null && params.certPath() != null) { @@ -438,7 +437,7 @@ private void updateState(X509Certificate cert) throws CertPathValidatorException { - issuerCert = cert; + issuerInfo = new OCSPResponse.IssuerInfo(anchor, cert); // Make new public key if parameters are missing PublicKey pubKey = cert.getPublicKey(); @@ -466,6 +465,34 @@ stackedCerts, params.trustAnchors()); } + static boolean isCausedByNetworkIssue(String type, CertStoreException cse) { + boolean result; + Throwable t = cse.getCause(); + + switch (type) { + case "LDAP": + if (t != null) { + // These two exception classes are inside java.naming module + String cn = t.getClass().getName(); + result = (cn.equals("javax.naming.ServiceUnavailableException") || + cn.equals("javax.naming.CommunicationException")); + } else { + result = false; + } + break; + case "SSLServer": + result = (t != null && t instanceof IOException); + break; + case "URI": + result = (t != null && t instanceof IOException); + break; + default: + // we don't know about any other remote CertStore types + return false; + } + return result; + } + private void checkCRLs(X509Certificate cert, PublicKey prevKey, X509Certificate prevCert, boolean signFlag, boolean allowSeparateKey, @@ -478,9 +505,9 @@ " ---checking revocation status ..."); } - // reject circular dependencies - RFC 3280 is not explicit on how - // to handle this, so we feel it is safest to reject them until - // the issue is resolved in the PKIX WG. + // Reject circular dependencies - RFC 5280 is not explicit on how + // to handle this, but does suggest that they can be a security + // risk and can create unresolvable dependencies if (stackedCerts != null && stackedCerts.contains(cert)) { if (debug != null) { debug.println("RevocationChecker.checkCRLs()" + @@ -510,7 +537,7 @@ "CertStoreException: " + e.getMessage()); } if (networkFailureException == null && - CertStoreHelper.isCausedByNetworkIssue(store.getType(),e)) { + isCausedByNetworkIssue(store.getType(),e)) { // save this exception, we may need to throw it later networkFailureException = new CertPathValidatorException( "Unable to determine revocation status due to " + @@ -550,15 +577,14 @@ try { if (crlDP) { approvedCRLs.addAll(DistributionPointFetcher.getCRLs( - sel, signFlag, prevKey, prevCert, - params.sigProvider(), certStores, - reasonsMask, anchors, null)); + sel, signFlag, prevKey, prevCert, + params.sigProvider(), certStores, reasonsMask, + anchors, null, params.variant())); } } catch (CertStoreException e) { if (e instanceof CertStoreTypeException) { CertStoreTypeException cste = (CertStoreTypeException)e; - if (CertStoreHelper.isCausedByNetworkIssue(cste.getType(), - e)) { + if (isCausedByNetworkIssue(cste.getType(), e)) { throw new CertPathValidatorException( "Unable to determine revocation status due to " + "network error", e, null, -1, @@ -634,7 +660,7 @@ /* * Abort CRL validation and throw exception if there are any * unrecognized critical CRL entry extensions (see section - * 5.3 of RFC 3280). + * 5.3 of RFC 5280). */ Set<String> unresCritExts = entry.getCriticalExtensionOIDs(); if (unresCritExts != null && !unresCritExts.isEmpty()) { @@ -682,14 +708,8 @@ OCSPResponse response = null; CertId certId = null; try { - if (issuerCert != null) { - certId = new CertId(issuerCert, - currCert.getSerialNumberObject()); - } else { - // must be an anchor name and key - certId = new CertId(anchor.getCA(), anchor.getCAPublicKey(), - currCert.getSerialNumberObject()); - } + certId = new CertId(issuerInfo.getName(), issuerInfo.getPublicKey(), + currCert.getSerialNumberObject()); // check if there is a cached OCSP response available byte[] responseBytes = ocspResponses.get(cert); @@ -706,8 +726,8 @@ nonce = ext.getValue(); } } - response.verify(Collections.singletonList(certId), issuerCert, - responderCert, params.date(), nonce); + response.verify(Collections.singletonList(certId), issuerInfo, + responderCert, params.date(), nonce, params.variant()); } else { URI responderURI = (this.responderURI != null) @@ -720,8 +740,8 @@ } response = OCSP.check(Collections.singletonList(certId), - responderURI, issuerCert, responderCert, - null, ocspExtensions); + responderURI, issuerInfo, responderCert, null, + ocspExtensions, params.variant()); } } catch (IOException e) { throw new CertPathValidatorException( @@ -833,7 +853,7 @@ if (DistributionPointFetcher.verifyCRL( certImpl, point, crl, reasonsMask, signFlag, prevKey, null, params.sigProvider(), anchors, - certStores, params.date())) + certStores, params.date(), params.variant())) { results.add(crl); } @@ -886,9 +906,9 @@ " ---checking " + msg + "..."); } - // reject circular dependencies - RFC 3280 is not explicit on how - // to handle this, so we feel it is safest to reject them until - // the issue is resolved in the PKIX WG. + // Reject circular dependencies - RFC 5280 is not explicit on how + // to handle this, but does suggest that they can be a security + // risk and can create unresolvable dependencies if ((stackedCerts != null) && stackedCerts.contains(cert)) { if (debug != null) { debug.println(
--- a/src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -50,7 +50,7 @@ * <p> If successful, it returns a certification path which has successfully * satisfied all the constraints and requirements specified in the * PKIXBuilderParameters object and has been validated according to the PKIX - * path validation algorithm defined in RFC 3280. + * path validation algorithm defined in RFC 5280. * * <p> This implementation uses a depth-first search approach to finding * certification paths. If it comes to a point in which it cannot find @@ -343,7 +343,8 @@ checkers.add(policyChecker); // add the algorithm checker - checkers.add(new AlgorithmChecker(builder.trustAnchor)); + checkers.add(new AlgorithmChecker(builder.trustAnchor, + buildParams.date(), buildParams.variant())); BasicChecker basicChecker = null; if (nextState.keyParamsNeeded()) {
--- a/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -265,7 +265,7 @@ */ Hashtable<?,?> currentEnv = ctx.getEnvironment(); if (currentEnv.get(Context.REFERRAL) == null) { - ctx.addToEnvironment(Context.REFERRAL, "follow"); + ctx.addToEnvironment(Context.REFERRAL, "follow-scheme"); } } catch (NamingException e) { if (debug != null) {
--- a/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -191,14 +191,22 @@ if (version != 0) { throw new IOException("Version must be 0"); } - n = getBigInteger(data); - e = getBigInteger(data); - d = getBigInteger(data); - p = getBigInteger(data); - q = getBigInteger(data); - pe = getBigInteger(data); - qe = getBigInteger(data); - coeff = getBigInteger(data); + + /* + * Some implementations do not correctly encode ASN.1 INTEGER values + * in 2's complement format, resulting in a negative integer when + * decoded. Correct the error by converting it to a positive integer. + * + * See CR 6255949 + */ + n = data.getPositiveBigInteger(); + e = data.getPositiveBigInteger(); + d = data.getPositiveBigInteger(); + p = data.getPositiveBigInteger(); + q = data.getPositiveBigInteger(); + pe = data.getPositiveBigInteger(); + qe = data.getPositiveBigInteger(); + coeff = data.getPositiveBigInteger(); if (derValue.data.available() != 0) { throw new IOException("Extra data available"); } @@ -206,23 +214,4 @@ throw new InvalidKeyException("Invalid RSA private key", e); } } - - /** - * Read a BigInteger from the DerInputStream. - */ - static BigInteger getBigInteger(DerInputStream data) throws IOException { - BigInteger b = data.getBigInteger(); - - /* - * Some implementations do not correctly encode ASN.1 INTEGER values - * in 2's complement format, resulting in a negative integer when - * decoded. Correct the error by converting it to a positive integer. - * - * See CR 6255949 - */ - if (b.signum() < 0) { - b = new BigInteger(1, b.toByteArray()); - } - return b; - } }
--- a/src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -111,8 +111,8 @@ throw new IOException("Not a SEQUENCE"); } DerInputStream data = derValue.data; - n = RSAPrivateCrtKeyImpl.getBigInteger(data); - e = RSAPrivateCrtKeyImpl.getBigInteger(data); + n = data.getPositiveBigInteger(); + e = data.getPositiveBigInteger(); if (derValue.data.available() != 0) { throw new IOException("Extra data available"); }
--- a/src/share/classes/sun/security/ssl/SSLContextImpl.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/ssl/SSLContextImpl.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -37,6 +37,7 @@ import sun.security.provider.certpath.AlgorithmChecker; import sun.security.action.GetPropertyAction; +import sun.security.validator.Validator; public abstract class SSLContextImpl extends SSLContextSpi { @@ -1040,7 +1041,7 @@ constraints = new SSLAlgorithmConstraints(sslSocket, true); } - checkAlgorithmConstraints(chain, constraints); + checkAlgorithmConstraints(chain, constraints, isClient); } } @@ -1082,12 +1083,12 @@ constraints = new SSLAlgorithmConstraints(engine, true); } - checkAlgorithmConstraints(chain, constraints); + checkAlgorithmConstraints(chain, constraints, isClient); } } private void checkAlgorithmConstraints(X509Certificate[] chain, - AlgorithmConstraints constraints) throws CertificateException { + AlgorithmConstraints constraints, boolean isClient) throws CertificateException { try { // Does the certificate chain end with a trusted certificate? @@ -1105,7 +1106,9 @@ // A forward checker, need to check from trust to target if (checkedLength >= 0) { - AlgorithmChecker checker = new AlgorithmChecker(constraints); + AlgorithmChecker checker = + new AlgorithmChecker(constraints, null, + (isClient ? Validator.VAR_TLS_CLIENT : Validator.VAR_TLS_SERVER)); checker.init(false); for (int i = checkedLength; i >= 0; i--) { Certificate cert = chain[i];
--- a/src/share/classes/sun/security/ssl/X509KeyManagerImpl.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/ssl/X509KeyManagerImpl.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -39,6 +39,7 @@ import javax.net.ssl.*; import sun.security.provider.certpath.AlgorithmChecker; +import sun.security.validator.Validator; /** * The new X509 key manager implementation. The main differences to the @@ -62,7 +63,7 @@ private static final Debug debug = Debug.getInstance("ssl"); - private final static boolean useDebug = + private static final boolean useDebug = (debug != null) && Debug.isOn("keymanager"); // for unit testing only, set via privileged reflection @@ -661,6 +662,15 @@ return CheckResult.OK; } + + public String getValidator() { + if (this == CLIENT) { + return Validator.VAR_TLS_CLIENT; + } else if (this == SERVER) { + return Validator.VAR_TLS_SERVER; + } + return Validator.VAR_GENERIC; + } } // enum for the result of the extension check @@ -774,7 +784,8 @@ // check the algorithm constraints if (constraints != null && - !conformsToAlgorithmConstraints(constraints, chain)) { + !conformsToAlgorithmConstraints(constraints, chain, + checkType.getValidator())) { if (useDebug) { debug.println("Ignoring alias " + alias + @@ -811,13 +822,19 @@ } private static boolean conformsToAlgorithmConstraints( - AlgorithmConstraints constraints, Certificate[] chain) { + AlgorithmConstraints constraints, Certificate[] chain, + String variant) { - AlgorithmChecker checker = new AlgorithmChecker(constraints); + AlgorithmChecker checker = new AlgorithmChecker(constraints, null, variant); try { checker.init(false); } catch (CertPathValidatorException cpve) { // unlikely to happen + if (useDebug) { + debug.println( + "Cannot initialize algorithm constraints checker: " + cpve); + } + return false; } @@ -828,6 +845,11 @@ // We don't care about the unresolved critical extensions. checker.check(cert, Collections.<String>emptySet()); } catch (CertPathValidatorException cpve) { + if (useDebug) { + debug.println("Certificate (" + cert + + ") does not conform to algorithm constraints: " + cpve); + } + return false; } }
--- a/src/share/classes/sun/security/tools/keytool/Resources_sv.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/tools/keytool/Resources_sv.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -55,7 +55,7 @@ {"Changes.an.entry.s.alias", "\u00C4ndrar postalias"}, //-changealias {"Deletes.an.entry", - "Tar bort post"}, //-delete + "Tar bort en post"}, //-delete {"Exports.certificate", "Exporterar certifikat"}, //-exportcert {"Generates.a.key.pair", @@ -175,7 +175,7 @@ {"validity.number.of.days", "antal dagar f\u00F6r giltighet"}, //-validity {"Serial.ID.of.cert.to.revoke", - "Seriellt id f\u00F6r certifikat som ska \u00E5terkallas"}, //-id + "Serienummer p\u00E5 certifikat som ska \u00E5terkallas"}, //-id // keytool: Running part {"keytool.error.", "nyckelverktygsfel: "}, {"Illegal.option.", "Otill\u00E5tet alternativ: "}, @@ -266,7 +266,7 @@ "Certifikatet har inte lagts till i nyckellagret"}, {".Storing.ksfname.", "[Lagrar {0}]"}, {"alias.has.no.public.key.certificate.", - "{0} saknar offentlig nyckel (certifikat)"}, + "{0} saknar \u00F6ppen nyckel (certifikat)"}, {"Cannot.derive.signature.algorithm", "Kan inte h\u00E4rleda signaturalgoritm"}, {"Alias.alias.does.not.exist", @@ -316,7 +316,7 @@ {"Failed.to.parse.input", "Kunde inte tolka indata"}, {"Empty.input", "Inga indata"}, {"Not.X.509.certificate", "Inte ett X.509-certifikat"}, - {"alias.has.no.public.key", "{0} saknar offentlig nyckel"}, + {"alias.has.no.public.key", "{0} saknar \u00F6ppen nyckel"}, {"alias.has.no.X.509.certificate", "{0} saknar X.509-certifikat"}, {"New.certificate.self.signed.", "Nytt certifikat (sj\u00E4lvsignerat):"}, {"Reply.has.no.certificates", "Svaret saknar certifikat"}, @@ -371,7 +371,7 @@ {".WARNING.WARNING.WARNING.", "***************** WARNING WARNING WARNING *****************"}, - {"Signer.d.", "Signerare #%d:"}, + {"Signer.d.", "Undertecknare %d:"}, {"Timestamp.", "Tidsst\u00E4mpel:"}, {"Signature.", "Signatur:"}, {"CRLs.", "CRL:er:"}, @@ -386,7 +386,7 @@ "* Integriteten f\u00F6r den information som lagras i srckeystore*\n* har INTE verifierats! Om du vill verifiera dess integritet *\n* m\u00E5ste du ange l\u00F6senordet f\u00F6r srckeystore. *"}, {"Certificate.reply.does.not.contain.public.key.for.alias.", - "Certifikatsvaret inneh\u00E5ller inte n\u00E5gon offentlig nyckel f\u00F6r <{0}>"}, + "Certifikatsvaret inneh\u00E5ller inte n\u00E5gon \u00F6ppen nyckel f\u00F6r <{0}>"}, {"Incomplete.certificate.chain.in.reply", "Ofullst\u00E4ndig certifikatskedja i svaret"}, {"Certificate.chain.in.reply.does.not.verify.", @@ -417,7 +417,7 @@ {".Empty.value.", "(Tomt v\u00E4rde)"}, {"Extension.Request.", "Till\u00E4ggsbeg\u00E4ran:"}, {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.", - "PKCS #10 certifikatbeg\u00E4ran (version 1.0)\n\u00C4mne: %s\nAllm\u00E4n nyckel: %s-format %s-nyckel\n"}, + "PKCS #10 certifikatbeg\u00E4ran (version 1.0)\n\u00C4rende: %s\n\u00D6ppen nyckel: %s-format %s-nyckel\n"}, {"Unknown.keyUsage.type.", "Ok\u00E4nd keyUsage-typ: "}, {"Unknown.extendedkeyUsage.type.", "Ok\u00E4nd extendedkeyUsage-typ: "}, {"Unknown.AccessDescription.type.", "Ok\u00E4nd AccessDescription-typ: "},
--- a/src/share/classes/sun/security/tools/policytool/Resources_sv.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/tools/policytool/Resources_sv.java Wed Jul 19 05:41:28 2017 +0100 @@ -35,7 +35,7 @@ private static final Object[][] contents = { {"NEWLINE", "\n"}, {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.", - "Varning! Det finns ingen offentlig nyckel f\u00F6r aliaset {0}. Kontrollera att det aktuella nyckellagret \u00E4r korrekt konfigurerat."}, + "Varning! Det finns ingen \u00F6ppen nyckel f\u00F6r aliaset {0}. Kontrollera att det aktuella nyckellagret \u00E4r korrekt konfigurerat."}, {"Warning.Class.not.found.class", "Varning! Klassen hittades inte: {0}"}, {"Warning.Invalid.argument.s.for.constructor.arg", "Varning! Ogiltiga argument f\u00F6r konstruktor: {0}"}, @@ -59,8 +59,8 @@ {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes", "Varning! Filnamnet kan inneh\u00E5lla omv\u00E4nda snedstreck inom citattecken. Citattecken kr\u00E4vs inte f\u00F6r omv\u00E4nda snedstreck (verktyget hanterar detta n\u00E4r policyinneh\u00E5llet skrivs till det best\u00E4ndiga lagret).\n\nKlicka p\u00E5 Beh\u00E5ll f\u00F6r att beh\u00E5lla det angivna namnet, eller klicka p\u00E5 Redigera f\u00F6r att \u00E4ndra det."}, - {"Add.Public.Key.Alias", "L\u00E4gg till offentligt nyckelalias"}, - {"Remove.Public.Key.Alias", "Ta bort offentligt nyckelalias"}, + {"Add.Public.Key.Alias", "L\u00E4gg till alias till \u00F6ppen nyckel"}, + {"Remove.Public.Key.Alias", "Ta bort alias f\u00F6r \u00F6ppen nyckel"}, {"File", "&Arkiv"}, {"KeyStore", "&KeyStore"}, {"Policy.File.", "Policyfil:"}, @@ -136,7 +136,7 @@ {"provider.name", "leverant\u00F6rsnamn"}, {"url", "url"}, {"method.list", "metodlista"}, - {"request.headers.list", "beg\u00E4ranrubriklista"}, + {"request.headers.list", "lista \u00F6ver beg\u00E4randehuvuden"}, {"Principal.List", "Lista \u00F6ver identitetshavare"}, {"Permission.List", "Beh\u00F6righetslista"}, {"Code.Base", "Kodbas"},
--- a/src/share/classes/sun/security/util/AnchorCertificates.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/AnchorCertificates.java Wed Jul 19 05:41:28 2017 +0100 @@ -31,8 +31,10 @@ import java.security.KeyStore; import java.security.PrivilegedAction; import java.security.cert.X509Certificate; +import java.util.Collections; import java.util.Enumeration; import java.util.HashSet; +import java.util.Set; import sun.security.x509.X509CertImpl; @@ -44,7 +46,7 @@ private static final Debug debug = Debug.getInstance("certpath"); private static final String HASH = "SHA-256"; - private static HashSet<String> certs; + private static Set<String> certs = Collections.emptySet(); static { AccessController.doPrivileged(new PrivilegedAction<Void>() {
--- a/src/share/classes/sun/security/util/AuthResources_sv.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/AuthResources_sv.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -137,7 +137,7 @@ // provided.null.name is the NullPointerException message when a // developer incorrectly passes a null name to the constructor of // subclasses of java.security.Principal - {"provided.null.name", "angav null-namn"} + {"provided.null.name", "null-namn angavs"} };
--- a/src/share/classes/sun/security/util/CertConstraintParameters.java Tue Jul 11 03:45:17 2017 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -package sun.security.util; - -import java.security.cert.X509Certificate; - -/** - * This class is a wrapper for keeping state and passing objects between PKIX, - * AlgorithmChecker, and DisabledAlgorithmConstraints. - */ -public class CertConstraintParameters { - // A certificate being passed to check against constraints. - private final X509Certificate cert; - - // This is true if the trust anchor in the certificate chain matches a cert - // in AnchorCertificates - private final boolean trustedMatch; - - public CertConstraintParameters(X509Certificate c, boolean match) { - cert = c; - trustedMatch = match; - } - - public CertConstraintParameters(X509Certificate c) { - this(c, false); - } - - // Returns if the trust anchor has a match if anchor checking is enabled. - public boolean isTrustedMatch() { - return trustedMatch; - } - - public X509Certificate getCertificate() { - return cert; - } -}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/security/util/ConstraintsParameters.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,135 @@ +/* + * Copyright (c) 2016, 2017 Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.security.util; + +import sun.security.validator.Validator; + +import java.security.AlgorithmParameters; +import java.security.Key; +import java.security.Timestamp; +import java.security.cert.X509Certificate; +import java.util.Date; + +/** + * This class contains parameters for checking against constraints that extend + * past the publicly available parameters in java.security.AlgorithmConstraints. + + * This is currently on passed between between PKIX, AlgorithmChecker, + * and DisabledAlgorithmConstraints. + */ +public class ConstraintsParameters { + /* + * The below 3 values are used the same as the permit() methods + * published in java.security.AlgorithmConstraints. + */ + // Algorithm string to be checked against constraints + private final String algorithm; + // AlgorithmParameters to the algorithm being checked + private final AlgorithmParameters algParams; + // Public Key being checked against constraints + private final Key publicKey; + + /* + * New values that are checked against constraints that the current public + * API does not support. + */ + // A certificate being passed to check against constraints. + private final X509Certificate cert; + // This is true if the trust anchor in the certificate chain matches a cert + // in AnchorCertificates + private final boolean trustedMatch; + // PKIXParameter date + private final Date pkixDate; + // Timestamp of the signed JAR file + private final Timestamp jarTimestamp; + private final String variant; + + public ConstraintsParameters(X509Certificate c, boolean match, + Date pkixdate, Timestamp jarTime, String variant) { + cert = c; + trustedMatch = match; + pkixDate = pkixdate; + jarTimestamp = jarTime; + this.variant = (variant == null ? Validator.VAR_GENERIC : variant); + algorithm = null; + algParams = null; + publicKey = null; + } + + public ConstraintsParameters(String algorithm, AlgorithmParameters params, + Key key, String variant) { + this.algorithm = algorithm; + algParams = params; + this.publicKey = key; + cert = null; + trustedMatch = false; + pkixDate = null; + jarTimestamp = null; + this.variant = (variant == null ? Validator.VAR_GENERIC : variant); + } + + + public ConstraintsParameters(X509Certificate c) { + this(c, false, null, null, + Validator.VAR_GENERIC); + } + + public ConstraintsParameters(Timestamp jarTime) { + this(null, false, null, jarTime, Validator.VAR_GENERIC); + } + + public String getAlgorithm() { + return algorithm; + } + + public AlgorithmParameters getAlgParams() { + return algParams; + } + + public Key getPublicKey() { + return publicKey; + } + // Returns if the trust anchor has a match if anchor checking is enabled. + public boolean isTrustedMatch() { + return trustedMatch; + } + + public X509Certificate getCertificate() { + return cert; + } + + public Date getPKIXParamDate() { + return pkixDate; + } + + public Timestamp getJARTimestamp() { + return jarTimestamp; + } + + public String getVariant() { + return variant; + } +}
--- a/src/share/classes/sun/security/util/DerInputBuffer.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/DerInputBuffer.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -44,16 +44,26 @@ */ class DerInputBuffer extends ByteArrayInputStream implements Cloneable { - DerInputBuffer(byte[] buf) { super(buf); } + boolean allowBER = true; + + // used by sun/security/util/DerInputBuffer/DerInputBufferEqualsHashCode.java + DerInputBuffer(byte[] buf) { + this(buf, true); + } - DerInputBuffer(byte[] buf, int offset, int len) { + DerInputBuffer(byte[] buf, boolean allowBER) { + super(buf); + this.allowBER = allowBER; + } + + DerInputBuffer(byte[] buf, int offset, int len, boolean allowBER) { super(buf, offset, len); + this.allowBER = allowBER; } DerInputBuffer dup() { try { DerInputBuffer retval = (DerInputBuffer)clone(); - retval.mark(Integer.MAX_VALUE); return retval; } catch (CloneNotSupportedException e) { @@ -147,8 +157,8 @@ System.arraycopy(buf, pos, bytes, 0, len); skip(len); - // check to make sure no extra leading 0s for DER - if (len >= 2 && (bytes[0] == 0) && (bytes[1] >= 0)) { + // BER allows leading 0s but DER does not + if (!allowBER && (len >= 2 && (bytes[0] == 0) && (bytes[1] >= 0))) { throw new IOException("Invalid encoding: redundant leading 0s"); }
--- a/src/share/classes/sun/security/util/DerInputStream.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/DerInputStream.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -81,6 +81,25 @@ } /** + * Create a DER input stream from part of a data buffer with + * additional arg to control whether DER checks are enforced. + * The buffer is not copied, it is shared. Accordingly, the + * buffer should be treated as read-only. + * + * @param data the buffer from which to create the string (CONSUMED) + * @param offset the first index of <em>data</em> which will + * be read as DER input in the new stream + * @param len how long a chunk of the buffer to use, + * starting at "offset" + * @param allowBER whether to allow constructed indefinite-length + * encoding as well as tolerate leading 0s + */ + public DerInputStream(byte[] data, int offset, int len, + boolean allowBER) throws IOException { + init(data, offset, len, allowBER); + } + + /** * Create a DER input stream from part of a data buffer. * The buffer is not copied, it is shared. Accordingly, the * buffer should be treated as read-only. @@ -95,47 +114,27 @@ init(data, offset, len, true); } - /** - * Create a DER input stream from part of a data buffer with - * additional arg to indicate whether to allow constructed - * indefinite-length encoding. - * The buffer is not copied, it is shared. Accordingly, the - * buffer should be treated as read-only. - * - * @param data the buffer from which to create the string (CONSUMED) - * @param offset the first index of <em>data</em> which will - * be read as DER input in the new stream - * @param len how long a chunk of the buffer to use, - * starting at "offset" - * @param allowIndefiniteLength whether to allow constructed - * indefinite-length encoding - */ - public DerInputStream(byte[] data, int offset, int len, - boolean allowIndefiniteLength) throws IOException { - init(data, offset, len, allowIndefiniteLength); - } - /* * private helper routine */ - private void init(byte[] data, int offset, int len, - boolean allowIndefiniteLength) throws IOException { + private void init(byte[] data, int offset, int len, boolean allowBER) throws IOException { if ((offset+2 > data.length) || (offset+len > data.length)) { throw new IOException("Encoding bytes too short"); } // check for indefinite length encoding if (DerIndefLenConverter.isIndefinite(data[offset+1])) { - if (!allowIndefiniteLength) { + if (!allowBER) { throw new IOException("Indefinite length BER encoding found"); } else { byte[] inData = new byte[len]; System.arraycopy(data, offset, inData, 0, len); DerIndefLenConverter derIn = new DerIndefLenConverter(); - buffer = new DerInputBuffer(derIn.convert(inData)); + buffer = new DerInputBuffer(derIn.convert(inData), allowBER); } - } else - buffer = new DerInputBuffer(data, offset, len); + } else { + buffer = new DerInputBuffer(data, offset, len, allowBER); + } buffer.mark(Integer.MAX_VALUE); } @@ -156,7 +155,7 @@ */ public DerInputStream subStream(int len, boolean do_skip) throws IOException { - DerInputBuffer newbuf = buffer.dup(); + DerInputBuffer newbuf = buffer.dup(); newbuf.truncate(len); if (do_skip) { @@ -393,7 +392,8 @@ dis.readFully(indefData, offset, readLen); dis.close(); DerIndefLenConverter derIn = new DerIndefLenConverter(); - buffer = new DerInputBuffer(derIn.convert(indefData)); + buffer = new DerInputBuffer(derIn.convert(indefData), buffer.allowBER); + if (tag != buffer.read()) throw new IOException("Indefinite length encoding" + " not supported"); @@ -421,7 +421,7 @@ DerValue value; do { - value = new DerValue(newstr.buffer); + value = new DerValue(newstr.buffer, buffer.allowBER); vec.addElement(value); } while (newstr.available() > 0);
--- a/src/share/classes/sun/security/util/DerValue.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/DerValue.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ -/* - * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved. +/** + * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -226,6 +226,16 @@ data = init(stringTag, value); } + // Creates a DerValue from a tag and some DER-encoded data w/ additional + // arg to control whether DER checks are enforced. + DerValue(byte tag, byte[] data, boolean allowBER) { + this.tag = tag; + buffer = new DerInputBuffer(data.clone(), allowBER); + length = data.length; + this.data = new DerInputStream(buffer); + this.data.mark(Integer.MAX_VALUE); + } + /** * Creates a DerValue from a tag and some DER-encoded data. * @@ -233,20 +243,16 @@ * @param data the DER-encoded data */ public DerValue(byte tag, byte[] data) { - this.tag = tag; - buffer = new DerInputBuffer(data.clone()); - length = data.length; - this.data = new DerInputStream(buffer); - this.data.mark(Integer.MAX_VALUE); + this(tag, data, true); } /* * package private */ DerValue(DerInputBuffer in) throws IOException { + // XXX must also parse BER-encoded constructed // values such as sequences, sets... - tag = (byte)in.read(); byte lenByte = (byte)in.read(); length = DerInputStream.getLength(lenByte, in); @@ -261,7 +267,7 @@ dis.readFully(indefData, offset, readLen); dis.close(); DerIndefLenConverter derIn = new DerIndefLenConverter(); - inbuf = new DerInputBuffer(derIn.convert(indefData)); + inbuf = new DerInputBuffer(derIn.convert(indefData), in.allowBER); if (tag != inbuf.read()) throw new IOException ("Indefinite length encoding not supported"); @@ -283,6 +289,12 @@ } } + // Get an ASN.1/DER encoded datum from a buffer w/ additional + // arg to control whether DER checks are enforced. + DerValue(byte[] buf, boolean allowBER) throws IOException { + data = init(true, new ByteArrayInputStream(buf), allowBER); + } + /** * Get an ASN.1/DER encoded datum from a buffer. The * entire buffer must hold exactly one datum, including @@ -291,7 +303,14 @@ * @param buf buffer holding a single DER-encoded datum. */ public DerValue(byte[] buf) throws IOException { - data = init(true, new ByteArrayInputStream(buf)); + this(buf, true); + } + + // Get an ASN.1/DER encoded datum from part of a buffer w/ additional + // arg to control whether DER checks are enforced. + DerValue(byte[] buf, int offset, int len, boolean allowBER) + throws IOException { + data = init(true, new ByteArrayInputStream(buf, offset, len), allowBER); } /** @@ -304,7 +323,13 @@ * @param length how many bytes are in the encoded datum */ public DerValue(byte[] buf, int offset, int len) throws IOException { - data = init(true, new ByteArrayInputStream(buf, offset, len)); + this(buf, offset, len, true); + } + + // Get an ASN1/DER encoded datum from an input stream w/ additional + // arg to control whether DER checks are enforced. + DerValue(InputStream in, boolean allowBER) throws IOException { + data = init(false, in, allowBER); } /** @@ -317,10 +342,11 @@ * which may be followed by additional data */ public DerValue(InputStream in) throws IOException { - data = init(false, in); + this(in, true); } - private DerInputStream init(byte stringTag, String value) throws IOException { + private DerInputStream init(byte stringTag, String value) + throws IOException { String enc = null; tag = stringTag; @@ -348,7 +374,7 @@ byte[] buf = value.getBytes(enc); length = buf.length; - buffer = new DerInputBuffer(buf); + buffer = new DerInputBuffer(buf, true); DerInputStream result = new DerInputStream(buffer); result.mark(Integer.MAX_VALUE); return result; @@ -357,8 +383,8 @@ /* * helper routine */ - private DerInputStream init(boolean fullyBuffered, InputStream in) - throws IOException { + private DerInputStream init(boolean fullyBuffered, InputStream in, + boolean allowBER) throws IOException { tag = (byte)in.read(); byte lenByte = (byte)in.read(); @@ -385,7 +411,7 @@ byte[] bytes = IOUtils.readFully(in, length, true); - buffer = new DerInputBuffer(bytes); + buffer = new DerInputBuffer(bytes, allowBER); return new DerInputStream(buffer); } @@ -480,7 +506,8 @@ if (buffer.read(bytes) != length) throw new IOException("short read on DerValue buffer"); if (isConstructed()) { - DerInputStream in = new DerInputStream(bytes); + DerInputStream in = new DerInputStream(bytes, 0, bytes.length, + buffer.allowBER); bytes = null; while (in.available() != 0) { bytes = append(bytes, in.getOctetString());
--- a/src/share/classes/sun/security/util/DisabledAlgorithmConstraints.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/DisabledAlgorithmConstraints.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,17 +25,28 @@ package sun.security.util; +import sun.security.validator.Validator; + +import java.io.ByteArrayOutputStream; +import java.io.PrintStream; import java.security.CryptoPrimitive; import java.security.AlgorithmParameters; import java.security.Key; import java.security.cert.CertPathValidatorException; import java.security.cert.CertPathValidatorException.BasicReason; import java.security.cert.X509Certificate; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Calendar; +import java.util.Date; import java.util.HashMap; import java.util.HashSet; +import java.util.List; import java.util.Locale; import java.util.Map; import java.util.Set; +import java.util.StringTokenizer; +import java.util.TimeZone; import java.util.regex.Pattern; import java.util.regex.Matcher; @@ -49,11 +60,11 @@ private static final Debug debug = Debug.getInstance("certpath"); // the known security property, jdk.certpath.disabledAlgorithms - public final static String PROPERTY_CERTPATH_DISABLED_ALGS = + public static final String PROPERTY_CERTPATH_DISABLED_ALGS = "jdk.certpath.disabledAlgorithms"; // the known security property, jdk.tls.disabledAlgorithms - public final static String PROPERTY_TLS_DISABLED_ALGS = + public static final String PROPERTY_TLS_DISABLED_ALGS = "jdk.tls.disabledAlgorithms"; // the known security property, jdk.jar.disabledAlgorithms @@ -93,14 +104,8 @@ * there are keysize or other limit, this method allow the algorithm. */ @Override - final public boolean permits(Set<CryptoPrimitive> primitives, + public final boolean permits(Set<CryptoPrimitive> primitives, String algorithm, AlgorithmParameters parameters) { - - if (primitives == null || primitives.isEmpty()) { - throw new IllegalArgumentException( - "No cryptographic primitive specified"); - } - return checkAlgorithm(disabledAlgorithms, algorithm, decomposer); } @@ -109,7 +114,7 @@ * placed on the key. */ @Override - final public boolean permits(Set<CryptoPrimitive> primitives, Key key) { + public final boolean permits(Set<CryptoPrimitive> primitives, Key key) { return checkConstraints(primitives, "", key, null); } @@ -118,7 +123,7 @@ * been placed on the key. */ @Override - final public boolean permits(Set<CryptoPrimitive> primitives, + public final boolean permits(Set<CryptoPrimitive> primitives, String algorithm, Key key, AlgorithmParameters parameters) { if (algorithm == null || algorithm.length() == 0) { @@ -128,6 +133,18 @@ return checkConstraints(primitives, algorithm, key, parameters); } + public final void permits(ConstraintsParameters cp) + throws CertPathValidatorException { + permits(cp.getAlgorithm(), cp); + } + + public final void permits(String algorithm, Key key, + AlgorithmParameters params, String variant) + throws CertPathValidatorException { + permits(algorithm, new ConstraintsParameters(algorithm, params, key, + (variant == null) ? Validator.VAR_GENERIC : variant)); + } + /* * Check if a x509Certificate object is permitted. Check if all * algorithms are allowed, certificate constraints, and the @@ -135,18 +152,10 @@ * * Uses new style permit() which throws exceptions. */ - public final void permits(Set<CryptoPrimitive> primitives, - CertConstraintParameters cp) throws CertPathValidatorException { - checkConstraints(primitives, cp); - } - /* - * Check if Certificate object is within the constraints. - * Uses new style permit() which throws exceptions. - */ - public final void permits(Set<CryptoPrimitive> primitives, - X509Certificate cert) throws CertPathValidatorException { - checkConstraints(primitives, new CertConstraintParameters(cert)); + public final void permits(String algorithm, ConstraintsParameters cp) + throws CertPathValidatorException { + algorithmConstraints.permits(algorithm, cp); } // Check if a string is contained inside the property @@ -169,7 +178,7 @@ throw new IllegalArgumentException("The key cannot be null"); } - // check the signature algorithm + // check the signature algorithm with parameters if (algorithm != null && algorithm.length() != 0) { if (!permits(primitives, algorithm, parameters)) { return false; @@ -185,36 +194,6 @@ return algorithmConstraints.permits(key); } - /* - * Check algorithm constraints with Certificate - * Uses new style permit() which throws exceptions. - */ - private void checkConstraints(Set<CryptoPrimitive> primitives, - CertConstraintParameters cp) throws CertPathValidatorException { - - X509Certificate cert = cp.getCertificate(); - String algorithm = cert.getSigAlgName(); - - // Check signature algorithm is not disabled - if (!permits(primitives, algorithm, null)) { - throw new CertPathValidatorException( - "Algorithm constraints check failed on disabled "+ - "signature algorithm: " + algorithm, - null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); - } - - // Check key algorithm is not disabled - if (!permits(primitives, cert.getPublicKey().getAlgorithm(), null)) { - throw new CertPathValidatorException( - "Algorithm constraints check failed on disabled "+ - "public key algorithm: " + algorithm, - null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); - } - - // Check the certificate and key constraints - algorithmConstraints.permits(cp); - - } /** * Key and Certificate Constraints @@ -229,15 +208,18 @@ * 'true' means the operation is allowed. * 'false' means it failed the constraints and is disallowed. * - * When passing CertConstraintParameters through permit(), an exception + * When passing ConstraintsParameters through permit(), an exception * will be thrown on a failure to better identify why the operation was * disallowed. */ private static class Constraints { - private Map<String, Set<Constraint>> constraintsMap = new HashMap<>(); - private static final Pattern keySizePattern = Pattern.compile( - "keySize\\s*(<=|<|==|!=|>|>=)\\s*(\\d+)"); + private Map<String, List<Constraint>> constraintsMap = new HashMap<>(); + + private static class Holder { + private static final Pattern DENY_AFTER_PATTERN = Pattern.compile( + "denyAfter\\s+(\\d{4})-(\\d{2})-(\\d{2})"); + } public Constraints(String[] constraintArray) { for (String constraintEntry : constraintArray) { @@ -252,39 +234,47 @@ // Check if constraint is a complete disabling of an // algorithm or has conditions. - String algorithm; - String policy; int space = constraintEntry.indexOf(' '); - if (space > 0) { - algorithm = AlgorithmDecomposer.hashName( - constraintEntry.substring(0, space). - toUpperCase(Locale.ENGLISH)); - policy = constraintEntry.substring(space + 1); - } else { - constraintsMap.putIfAbsent( - constraintEntry.toUpperCase(Locale.ENGLISH), - new HashSet<>()); + String algorithm = AlgorithmDecomposer.hashName( + ((space > 0 ? constraintEntry.substring(0, space) : + constraintEntry). + toUpperCase(Locale.ENGLISH))); + List<Constraint> constraintList = + constraintsMap.getOrDefault(algorithm, + new ArrayList<>(1)); + constraintsMap.putIfAbsent(algorithm, constraintList); + if (space <= 0) { + constraintList.add(new DisabledConstraint(algorithm)); continue; } + String policy = constraintEntry.substring(space + 1); + // Convert constraint conditions into Constraint classes - Constraint c = null; - Constraint lastConstraint = null; + Constraint c, lastConstraint = null; // Allow only one jdkCA entry per constraint entry boolean jdkCALimit = false; + // Allow only one denyAfter entry per constraint entry + boolean denyAfterLimit = false; for (String entry : policy.split("&")) { entry = entry.trim(); - Matcher matcher = keySizePattern.matcher(entry); - if (matcher.matches()) { + Matcher matcher; + if (entry.startsWith("keySize")) { if (debug != null) { debug.println("Constraints set to keySize: " + entry); } + StringTokenizer tokens = new StringTokenizer(entry); + if (!"keySize".equals(tokens.nextToken())) { + throw new IllegalArgumentException("Error in " + + "security property. Constraint unknown: " + + entry); + } c = new KeySizeConstraint(algorithm, - KeySizeConstraint.Operator.of(matcher.group(1)), - Integer.parseInt(matcher.group(2))); + KeySizeConstraint.Operator.of(tokens.nextToken()), + Integer.parseInt(tokens.nextToken())); } else if (entry.equalsIgnoreCase("jdkCA")) { if (debug != null) { @@ -297,18 +287,39 @@ } c = new jdkCAConstraint(algorithm); jdkCALimit = true; + + } else if (entry.startsWith("denyAfter") && + (matcher = Holder.DENY_AFTER_PATTERN.matcher(entry)) + .matches()) { + if (debug != null) { + debug.println("Constraints set to denyAfter"); + } + if (denyAfterLimit) { + throw new IllegalArgumentException("Only one " + + "denyAfter entry allowed in property. " + + "Constraint: " + constraintEntry); + } + int year = Integer.parseInt(matcher.group(1)); + int month = Integer.parseInt(matcher.group(2)); + int day = Integer.parseInt(matcher.group(3)); + c = new DenyAfterConstraint(algorithm, year, month, + day); + denyAfterLimit = true; + } else if (entry.startsWith("usage")) { + String s[] = (entry.substring(5)).trim().split(" "); + c = new UsageConstraint(algorithm, s); + if (debug != null) { + debug.println("Constraints usage length is " + s.length); + } + } else { + throw new IllegalArgumentException("Error in security" + + " property. Constraint unknown: " + entry); } // Link multiple conditions for a single constraint // into a linked list. if (lastConstraint == null) { - if (!constraintsMap.containsKey(algorithm)) { - constraintsMap.putIfAbsent(algorithm, - new HashSet<>()); - } - if (c != null) { - constraintsMap.get(algorithm).add(c); - } + constraintList.add(c); } else { lastConstraint.nextConstraint = c; } @@ -318,61 +329,73 @@ } // Get applicable constraints based off the signature algorithm - private Set<Constraint> getConstraints(String algorithm) { + private List<Constraint> getConstraints(String algorithm) { return constraintsMap.get(algorithm); } // Check if KeySizeConstraints permit the specified key public boolean permits(Key key) { - Set<Constraint> set = getConstraints(key.getAlgorithm()); - if (set == null) { + List<Constraint> list = getConstraints(key.getAlgorithm()); + if (list == null) { return true; } - for (Constraint constraint : set) { + for (Constraint constraint : list) { if (!constraint.permits(key)) { if (debug != null) { debug.println("keySizeConstraint: failed key " + "constraint check " + KeyUtil.getKeySize(key)); } - return false; - } + return false; + } } - return true; - } + return true; + } // Check if constraints permit this cert. - public void permits(CertConstraintParameters cp) + public void permits(String algorithm, ConstraintsParameters cp) throws CertPathValidatorException { X509Certificate cert = cp.getCertificate(); if (debug != null) { - debug.println("Constraints.permits(): " + cert.getSigAlgName()); + debug.println("Constraints.permits(): " + algorithm + + " Variant: " + cp.getVariant()); } // Get all signature algorithms to check for constraints - Set<String> algorithms = - AlgorithmDecomposer.decomposeOneHash(cert.getSigAlgName()); - if (algorithms == null || algorithms.isEmpty()) { - return; - } + Set<String> algorithms = new HashSet<>(); + if (algorithm != null) { + algorithms.addAll(AlgorithmDecomposer.decomposeOneHash(algorithm)); + } - // Attempt to add the public key algorithm to the set - algorithms.add(cert.getPublicKey().getAlgorithm()); - + // Attempt to add the public key algorithm if cert provided + if (cert != null) { + algorithms.add(cert.getPublicKey().getAlgorithm()); + } + if (cp.getPublicKey() != null) { + algorithms.add(cp.getPublicKey().getAlgorithm()); + } // Check all applicable constraints - for (String algorithm : algorithms) { - Set<Constraint> set = getConstraints(algorithm); - if (set == null) { + for (String alg : algorithms) { + List<Constraint> list = getConstraints(alg); + if (list == null) { continue; } - for (Constraint constraint : set) { + for (Constraint constraint : list) { constraint.permits(cp); } } } - } + } - // Abstract class for algorithm constraint checking + /** + * This abstract Constraint class for algorithm-based checking + * may contain one or more constraints. If the '&' on the {@Security} + * property is used, multiple constraints have been grouped together + * requiring all the constraints to fail for the check to be disallowed. + * + * If the class contains multiple constraints, the next constraint + * is stored in {@code nextConstraint} in linked-list fashion. + */ private abstract static class Constraint { String algorithm; Constraint nextConstraint = null; @@ -408,22 +431,87 @@ } /** - * Check if an algorithm constraint permit this key to be used. + * Check if an algorithm constraint is permitted with a given key. + * + * If the check inside of {@code permit()} fails, it must call + * {@code next()} with the same {@code Key} parameter passed if + * multiple constraints need to be checked. + * * @param key Public key - * @return true if constraints do not match + * @return 'true' if constraint is allowed, 'false' if disallowed. */ public boolean permits(Key key) { return true; } /** - * Check if an algorithm constraint is permit this certificate to - * be used. - * @param cp CertificateParameter containing certificate and state info - * @return true if constraints do not match + * Check if an algorithm constraint is permitted with a given + * ConstraintsParameters. + * + * If the check inside of {@code permits()} fails, it must call + * {@code next()} with the same {@code ConstraintsParameters} + * parameter passed if multiple constraints need to be checked. + * + * @param cp CertConstraintParameter containing certificate info + * @throws CertPathValidatorException if constraint disallows. + * + */ + public abstract void permits(ConstraintsParameters cp) + throws CertPathValidatorException; + + /** + * Recursively check if the constraints are allowed. + * + * If {@code nextConstraint} is non-null, this method will + * call {@code nextConstraint}'s {@code permits()} to check if the + * constraint is allowed or denied. If the constraint's + * {@code permits()} is allowed, this method will exit this and any + * recursive next() calls, returning 'true'. If the constraints called + * were disallowed, the last constraint will throw + * {@code CertPathValidatorException}. + * + * @param cp ConstraintsParameters + * @return 'true' if constraint allows the operation, 'false' if + * we are at the end of the constraint list or, + * {@code nextConstraint} is null. */ - public abstract void permits(CertConstraintParameters cp) - throws CertPathValidatorException; + boolean next(ConstraintsParameters cp) + throws CertPathValidatorException { + if (nextConstraint != null) { + nextConstraint.permits(cp); + return true; + } + return false; + } + + /** + * Recursively check if this constraint is allowed, + * + * If {@code nextConstraint} is non-null, this method will + * call {@code nextConstraint}'s {@code permit()} to check if the + * constraint is allowed or denied. If the constraint's + * {@code permit()} is allowed, this method will exit this and any + * recursive next() calls, returning 'true'. If the constraints + * called were disallowed the check will exit with 'false'. + * + * @param key Public key + * @return 'true' if constraint allows the operation, 'false' if + * the constraint denies the operation. + */ + boolean next(Key key) { + if (nextConstraint != null && nextConstraint.permits(key)) { + return true; + } + return false; + } + + String extendedMsg(ConstraintsParameters cp) { + return (cp.getCertificate() == null ? "." : + " used with certificate: " + + cp.getCertificate().getSubjectX500Principal() + + (cp.getVariant() != Validator.VAR_GENERIC ? + ". Usage was " + cp.getVariant() : ".")); + } } /* @@ -436,30 +524,175 @@ } /* - * Check if each constraint fails and check if there is a linked - * constraint Any permitted constraint will exit the linked list - * to allow the operation. + * Check if ConstraintsParameters has a trusted match, if it does + * call next() for any following constraints. If it does not, exit + * as this constraint(s) does not restrict the operation. */ - public void permits(CertConstraintParameters cp) + public void permits(ConstraintsParameters cp) throws CertPathValidatorException { if (debug != null) { debug.println("jdkCAConstraints.permits(): " + algorithm); } - // Return false if the chain has a trust anchor in cacerts + // Check chain has a trust anchor in cacerts if (cp.isTrustedMatch()) { - if (nextConstraint != null) { - nextConstraint.permits(cp); + if (next(cp)) { return; } throw new CertPathValidatorException( "Algorithm constraints check failed on certificate " + - "anchor limits", + "anchor limits. " + algorithm + extendedMsg(cp), null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); } } } + /* + * This class handles the denyAfter constraint. The date is in the UTC/GMT + * timezone. + */ + private static class DenyAfterConstraint extends Constraint { + private Date denyAfterDate; + private static final SimpleDateFormat dateFormat = + new SimpleDateFormat("EEE, MMM d HH:mm:ss z yyyy"); + + DenyAfterConstraint(String algo, int year, int month, int day) { + Calendar c; + + algorithm = algo; + + if (debug != null) { + debug.println("DenyAfterConstraint read in as: year " + + year + ", month = " + month + ", day = " + day); + } + + c = new Calendar.Builder().setTimeZone(TimeZone.getTimeZone("GMT")) + .setDate(year, month - 1, day).build(); + + if (year > c.getActualMaximum(Calendar.YEAR) || + year < c.getActualMinimum(Calendar.YEAR)) { + throw new IllegalArgumentException( + "Invalid year given in constraint: " + year); + } + if ((month - 1) > c.getActualMaximum(Calendar.MONTH) || + (month - 1) < c.getActualMinimum(Calendar.MONTH)) { + throw new IllegalArgumentException( + "Invalid month given in constraint: " + month); + } + if (day > c.getActualMaximum(Calendar.DAY_OF_MONTH) || + day < c.getActualMinimum(Calendar.DAY_OF_MONTH)) { + throw new IllegalArgumentException( + "Invalid Day of Month given in constraint: " + day); + } + + denyAfterDate = c.getTime(); + if (debug != null) { + debug.println("DenyAfterConstraint date set to: " + + dateFormat.format(denyAfterDate)); + } + } + + /* + * Checking that the provided date is not beyond the constraint date. + * The provided date can be the PKIXParameter date if given, + * otherwise it is the current date. + * + * If the constraint disallows, call next() for any following + * constraints. Throw an exception if this is the last constraint. + */ + @Override + public void permits(ConstraintsParameters cp) + throws CertPathValidatorException { + Date currentDate; + String errmsg; + + if (cp.getJARTimestamp() != null) { + currentDate = cp.getJARTimestamp().getTimestamp(); + errmsg = "JAR Timestamp date: "; + } else if (cp.getPKIXParamDate() != null) { + currentDate = cp.getPKIXParamDate(); + errmsg = "PKIXParameter date: "; + } else { + currentDate = new Date(); + errmsg = "Current date: "; + } + + if (!denyAfterDate.after(currentDate)) { + if (next(cp)) { + return; + } + throw new CertPathValidatorException( + "denyAfter constraint check failed: " + algorithm + + " used with Constraint date: " + + dateFormat.format(denyAfterDate) + "; " + errmsg + + dateFormat.format(currentDate) + extendedMsg(cp), + null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); + } + } + + /* + * Return result if the constraint's date is beyond the current date + * in UTC timezone. + */ + public boolean permits(Key key) { + if (next(key)) { + return true; + } + if (debug != null) { + debug.println("DenyAfterConstraints.permits(): " + algorithm); + } + + return denyAfterDate.after(new Date()); + } + } + + /* + * The usage constraint is for the "usage" keyword. It checks against the + * variant value in ConstraintsParameters. + */ + private static class UsageConstraint extends Constraint { + String[] usages; + + UsageConstraint(String algorithm, String[] usages) { + this.algorithm = algorithm; + this.usages = usages; + } + + public void permits(ConstraintsParameters cp) + throws CertPathValidatorException { + for (String usage : usages) { + + String v = null; + if (usage.compareToIgnoreCase("TLSServer") == 0) { + v = Validator.VAR_TLS_SERVER; + } else if (usage.compareToIgnoreCase("TLSClient") == 0) { + v = Validator.VAR_TLS_CLIENT; + } else if (usage.compareToIgnoreCase("SignedJAR") == 0) { + v = Validator.VAR_PLUGIN_CODE_SIGNING; + } + + if (debug != null) { + debug.println("Checking if usage constraint \"" + v + + "\" matches \"" + cp.getVariant() + "\""); + // Because usage checking can come from many places + // a stack trace is very helpful. + ByteArrayOutputStream ba = new ByteArrayOutputStream(); + PrintStream ps = new PrintStream(ba); + (new Exception()).printStackTrace(ps); + debug.println(ba.toString()); + } + if (cp.getVariant().compareTo(v) == 0) { + if (next(cp)) { + return; + } + throw new CertPathValidatorException("Usage constraint " + + usage + " check failed: " + algorithm + + extendedMsg(cp), + null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); + } + } + } + } /* * This class contains constraints dealing with the key size @@ -513,15 +746,23 @@ * constraint Any permitted constraint will exit the linked list * to allow the operation. */ - public void permits(CertConstraintParameters cp) + public void permits(ConstraintsParameters cp) throws CertPathValidatorException { - if (!permitsImpl(cp.getCertificate().getPublicKey())) { + Key key = null; + if (cp.getPublicKey() != null) { + key = cp.getPublicKey(); + } else if (cp.getCertificate() != null) { + key = cp.getCertificate().getPublicKey(); + } + if (key != null && !permitsImpl(key)) { if (nextConstraint != null) { nextConstraint.permits(cp); return; } throw new CertPathValidatorException( - "Algorithm constraints check failed on keysize limits", + "Algorithm constraints check failed on keysize limits. " + + algorithm + " " + KeyUtil.getKeySize(key) + "bit key" + + extendedMsg(cp), null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); } } @@ -559,6 +800,27 @@ return true; } + } + + /* + * This constraint is used for the complete disabling of the algorithm. + */ + private static class DisabledConstraint extends Constraint { + DisabledConstraint(String algo) { + algorithm = algo; + } + + public void permits(ConstraintsParameters cp) + throws CertPathValidatorException { + throw new CertPathValidatorException( + "Algorithm constraints check failed on disabled " + + "algorithm: " + algorithm + extendedMsg(cp), + null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); + } + + public boolean permits(Key key) { + return false; } } +}
--- a/src/share/classes/sun/security/util/HostnameChecker.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/HostnameChecker.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,7 @@ import java.security.cert.*; import javax.security.auth.x500.X500Principal; +import javax.net.ssl.SNIHostName; import sun.security.ssl.Krb5Helper; import sun.security.x509.X500Name; @@ -186,6 +187,15 @@ */ private void matchDNS(String expectedName, X509Certificate cert) throws CertificateException { + // Check that the expected name is a valid domain name. + try { + // Using the checking implemented in SNIHostName + SNIHostName sni = new SNIHostName(expectedName); + } catch (IllegalArgumentException iae) { + throw new CertificateException( + "Illegal given domain name: " + expectedName, iae); + } + Collection<List<?>> subjAltNames = cert.getSubjectAlternativeNames(); if (subjAltNames != null) { boolean foundDNS = false; @@ -257,6 +267,18 @@ * may contain the wildcard character * */ private boolean isMatched(String name, String template) { + // check the validity of the domain name template. + try { + // Replacing wildcard character '*' with 'x' so as to check + // the domain name template validity. + // + // Using the checking implemented in SNIHostName + SNIHostName sni = new SNIHostName(template.replace('*', 'x')); + } catch (IllegalArgumentException iae) { + // It would be nice to add debug log if not matching. + return false; + } + if (checkType == TYPE_TLS) { return matchAllWildcards(name, template); } else if (checkType == TYPE_LDAP) {
--- a/src/share/classes/sun/security/util/ManifestEntryVerifier.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/ManifestEntryVerifier.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -107,6 +107,8 @@ /* get the headers from the manifest for this entry */ /* if there aren't any, we can't verify any digests for this entry */ + skip = false; + Attributes attr = man.getAttributes(name); if (attr == null) { // ugh. we should be able to remove this at some point. @@ -141,7 +143,6 @@ } if (digest != null) { - skip = false; digest.reset(); digests.add(digest); manifestHashes.add( @@ -197,6 +198,10 @@ return null; } + if (digests.isEmpty()) { + throw new SecurityException("digest missing for " + name); + } + if (signers != null) return signers;
--- a/src/share/classes/sun/security/util/Resources_sv.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/Resources_sv.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -53,9 +53,9 @@ "CredOwner:\n\tIdentitetshavareklass = {0}\n\tIdentitetshavarenamn = {1}"}, // javax.security.auth.x500 - {"provided.null.name", "angav null-namn"}, - {"provided.null.keyword.map", "nullnyckelordsmappning tillhandah\u00F6lls"}, - {"provided.null.OID.map", "null-OID-mappning tillhandah\u00F6lls"}, + {"provided.null.name", "null-namn angavs"}, + {"provided.null.keyword.map", "nullnyckelordsmappning angavs"}, + {"provided.null.OID.map", "null-OID-mappning angavs"}, // javax.security.auth.Subject {"NEWLINE", "\n"}, @@ -73,7 +73,7 @@ "\tPrivat inloggning \u00E4r inte tillg\u00E4nglig\n"}, {"Subject.is.read.only", "Innehavare \u00E4r skrivskyddad"}, {"attempting.to.add.an.object.which.is.not.an.instance.of.java.security.Principal.to.a.Subject.s.Principal.Set", - "f\u00F6rs\u00F6k att l\u00E4gga till ett objekt som inte \u00E4r en f\u00F6rekomst av java.security.Principal till en upps\u00E4ttning av identitetshavare"}, + "f\u00F6rs\u00F6k att l\u00E4gga till ett objekt som inte \u00E4r en instans av java.security.Principal till ett subjekts upps\u00E4ttning av identitetshavare"}, {"attempting.to.add.an.object.which.is.not.an.instance.of.class", "f\u00F6rs\u00F6ker l\u00E4gga till ett objekt som inte \u00E4r en instans av {0}"}, @@ -84,11 +84,11 @@ {"Invalid.null.input.name", "Ogiltiga null-indata: namn"}, {"No.LoginModules.configured.for.name", "Inga inloggningsmoduler har konfigurerats f\u00F6r {0}"}, - {"invalid.null.Subject.provided", "ogiltig null-innehavare"}, + {"invalid.null.Subject.provided", "ogiltig null-subjekt"}, {"invalid.null.CallbackHandler.provided", "ogiltig null-CallbackHandler"}, {"null.subject.logout.called.before.login", - "null-innehavare - utloggning anropades f\u00F6re inloggning"}, + "null-subjekt - utloggning anropades f\u00F6re inloggning"}, {"unable.to.instantiate.LoginModule.module.because.it.does.not.provide.a.no.argument.constructor", "kan inte instansiera LoginModule, {0}, eftersom den inte tillhandah\u00E5ller n\u00E5gon icke-argumentskonstruktor"}, {"unable.to.instantiate.LoginModule", @@ -148,12 +148,12 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", - "PKCS11-tecken [{0}] L\u00F6senord: "}, + "L\u00F6senord f\u00F6r PKCS11-token [{0}]: "}, /* --- DEPRECATED --- */ // javax.security.auth.Policy {"unable.to.instantiate.Subject.based.policy", - "den innehavarbaserade policyn kan inte skapas"} + "kan inte instansiera subjektbaserad policy"} };
--- a/src/share/classes/sun/security/util/SignatureFileVerifier.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/util/SignatureFileVerifier.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,25 +28,23 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.security.CodeSigner; -import java.security.CryptoPrimitive; +import java.security.GeneralSecurityException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.SignatureException; +import java.security.Timestamp; import java.security.cert.CertPath; import java.security.cert.X509Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.util.ArrayList; import java.util.Base64; -import java.util.Collections; -import java.util.EnumSet; import java.util.HashMap; import java.util.Hashtable; import java.util.Iterator; import java.util.List; import java.util.Locale; import java.util.Map; -import java.util.Set; import java.util.jar.Attributes; import java.util.jar.JarException; import java.util.jar.JarFile; @@ -61,9 +59,6 @@ /* Are we debugging ? */ private static final Debug debug = Debug.getInstance("jar"); - private static final Set<CryptoPrimitive> DIGEST_PRIMITIVE_SET = - Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.MESSAGE_DIGEST)); - private static final DisabledAlgorithmConstraints JAR_DISABLED_CHECK = new DisabledAlgorithmConstraints( DisabledAlgorithmConstraints.PROPERTY_JAR_DISABLED_ALGS); @@ -78,7 +73,7 @@ private PKCS7 block; /** the raw bytes of the .SF file */ - private byte sfBytes[]; + private byte[] sfBytes; /** the name of the signature block file, uppercased and without * the extension (.DSA/.RSA/.EC) @@ -97,6 +92,14 @@ /* for generating certpath objects */ private CertificateFactory certificateFactory = null; + /** Algorithms that have been checked if they are weak. */ + private Map<String, Boolean> permittedAlgs= new HashMap<>(); + + /** TSA timestamp of signed jar. The newest timestamp is used. If there + * was no TSA timestamp used when signed, current time is used ("null"). + */ + private Timestamp timestamp = null; + /** * Create the named SignatureFileVerifier. * @@ -107,7 +110,7 @@ public SignatureFileVerifier(ArrayList<CodeSigner[]> signerCache, ManifestDigester md, String name, - byte rawBytes[]) + byte[] rawBytes) throws IOException, CertificateException { // new PKCS7() calls CertificateFactory.getInstance() @@ -121,7 +124,7 @@ } finally { Providers.stopJarVerification(obj); } - this.name = name.substring(0, name.lastIndexOf(".")) + this.name = name.substring(0, name.lastIndexOf('.')) .toUpperCase(Locale.ENGLISH); this.md = md; this.signerCache = signerCache; @@ -152,7 +155,7 @@ * used to set the raw bytes of the .SF file when it * is external to the signature block file. */ - public void setSignatureFile(byte sfBytes[]) + public void setSignatureFile(byte[] sfBytes) { this.sfBytes = sfBytes; } @@ -168,11 +171,10 @@ */ public static boolean isBlockOrSF(String s) { // we currently only support DSA and RSA PKCS7 blocks - if (s.endsWith(".SF") || s.endsWith(".DSA") || - s.endsWith(".RSA") || s.endsWith(".EC")) { - return true; - } - return false; + return s.endsWith(".SF") + || s.endsWith(".DSA") + || s.endsWith(".RSA") + || s.endsWith(".EC"); } /** @@ -182,7 +184,7 @@ * unknown signature related files (those starting with SIG- with * an optional [A-Z0-9]{1,3} extension right inside META-INF). * - * @param s file name + * @param name file name * @return true if the input file name is signature related */ public static boolean isSigningRelated(String name) { @@ -198,7 +200,7 @@ return true; } else if (name.startsWith("SIG-")) { // check filename extension - // see https://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures + // see http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures // for what filename extensions are legal int extIndex = name.lastIndexOf('.'); if (extIndex != -1) { @@ -223,17 +225,10 @@ /** get digest from cache */ - private MessageDigest getDigest(String algorithm) throws SignatureException { - // check that algorithm is not restricted - if (!JAR_DISABLED_CHECK.permits(DIGEST_PRIMITIVE_SET, algorithm, null)) { - SignatureException e = - new SignatureException("SignatureFile check failed. " + - "Disabled algorithm used: " + algorithm); - throw e; - } - + private MessageDigest getDigest(String algorithm) + throws SignatureException { if (createdDigests == null) - createdDigests = new HashMap<String, MessageDigest>(); + createdDigests = new HashMap<>(); MessageDigest digest = createdDigests.get(algorithm); @@ -303,6 +298,27 @@ if (newSigners == null) return; + /* + * Look for the latest timestamp in the signature block. If an entry + * has no timestamp, use current time (aka null). + */ + for (CodeSigner s: newSigners) { + if (debug != null) { + debug.println("Gathering timestamp for: " + s.toString()); + } + if (s.getTimestamp() == null) { + timestamp = null; + break; + } else if (timestamp == null) { + timestamp = s.getTimestamp(); + } else { + if (timestamp.getTimestamp().before( + s.getTimestamp().getTimestamp())) { + timestamp = s.getTimestamp(); + } + } + } + Iterator<Map.Entry<String,Attributes>> entries = sf.getEntries().entrySet().iterator(); @@ -346,6 +362,68 @@ } /** + * Check if algorithm is permitted using the permittedAlgs Map. + * If the algorithm is not in the map, check against disabled algorithms and + * store the result. If the algorithm is in the map use that result. + * False is returned for weak algorithm, true for good algorithms. + */ + boolean permittedCheck(String key, String algorithm) { + Boolean permitted = permittedAlgs.get(algorithm); + if (permitted == null) { + try { + JAR_DISABLED_CHECK.permits(algorithm, + new ConstraintsParameters(timestamp)); + } catch(GeneralSecurityException e) { + permittedAlgs.put(algorithm, Boolean.FALSE); + permittedAlgs.put(key.toUpperCase(), Boolean.FALSE); + if (debug != null) { + if (e.getMessage() != null) { + debug.println(key + ": " + e.getMessage()); + } else { + debug.println(key + ": " + algorithm + + " was disabled, no exception msg given."); + e.printStackTrace(); + } + } + return false; + } + + permittedAlgs.put(algorithm, Boolean.TRUE); + return true; + } + + // Algorithm has already been checked, return the value from map. + return permitted.booleanValue(); + } + + /** + * With a given header (*-DIGEST*), return a string that lists all the + * algorithms associated with the header. + * If there are none, return "Unknown Algorithm". + */ + String getWeakAlgorithms(String header) { + String w = ""; + try { + for (String key : permittedAlgs.keySet()) { + if (key.endsWith(header)) { + w += key.substring(0, key.length() - header.length()) + " "; + } + } + } catch (RuntimeException e) { + w = "Unknown Algorithm(s). Error processing " + header + ". " + + e.getMessage(); + } + + // This means we have an error in finding weak algorithms, run in + // debug mode to see permittedAlgs map's values. + if (w.length() == 0) { + return "Unknown Algorithm(s)"; + } + + return w; + } + + /** * See if the whole manifest was signed. */ private boolean verifyManifestHash(Manifest sf, @@ -355,6 +433,10 @@ { Attributes mattr = sf.getMainAttributes(); boolean manifestSigned = false; + // If only weak algorithms are used. + boolean weakAlgs = true; + // If a "*-DIGEST-MANIFEST" entry is found. + boolean validEntry = false; // go through all the attributes and process *-Digest-Manifest entries for (Map.Entry<Object,Object> se : mattr.entrySet()) { @@ -364,6 +446,16 @@ if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST-MANIFEST")) { // 16 is length of "-Digest-Manifest" String algorithm = key.substring(0, key.length()-16); + validEntry = true; + + // Check if this algorithm is permitted, skip if false. + if (!permittedCheck(key, algorithm)) { + continue; + } + + // A non-weak algorithm was used, any weak algorithms found do + // not need to be reported. + weakAlgs = false; manifestDigests.add(key); manifestDigests.add(se.getValue()); @@ -374,15 +466,14 @@ Base64.getMimeDecoder().decode((String)se.getValue()); if (debug != null) { - debug.println("Signature File: Manifest digest " + - digest.getAlgorithm()); - debug.println( " sigfile " + toHex(expectedHash)); - debug.println( " computed " + toHex(computedHash)); - debug.println(); + debug.println("Signature File: Manifest digest " + + algorithm); + debug.println( " sigfile " + toHex(expectedHash)); + debug.println( " computed " + toHex(computedHash)); + debug.println(); } - if (MessageDigest.isEqual(computedHash, - expectedHash)) { + if (MessageDigest.isEqual(computedHash, expectedHash)) { manifestSigned = true; } else { //XXX: we will continue and verify each section @@ -390,15 +481,33 @@ } } } + + if (debug != null) { + debug.println("PermittedAlgs mapping: "); + for (String key : permittedAlgs.keySet()) { + debug.println(key + " : " + + permittedAlgs.get(key).toString()); + } + } + + // If there were only weak algorithms entries used, throw an exception. + if (validEntry && weakAlgs) { + throw new SignatureException("Manifest hash check failed " + + "(DIGEST-MANIFEST). Disabled algorithm(s) used: " + + getWeakAlgorithms("-DIGEST-MANIFEST")); + } return manifestSigned; } - private boolean verifyManifestMainAttrs(Manifest sf, - ManifestDigester md) + private boolean verifyManifestMainAttrs(Manifest sf, ManifestDigester md) throws IOException, SignatureException { Attributes mattr = sf.getMainAttributes(); boolean attrsVerified = true; + // If only weak algorithms are used. + boolean weakAlgs = true; + // If a ATTR_DIGEST entry is found. + boolean validEntry = false; // go through all the attributes and process // digest entries for the manifest main attributes @@ -408,6 +517,16 @@ if (key.toUpperCase(Locale.ENGLISH).endsWith(ATTR_DIGEST)) { String algorithm = key.substring(0, key.length() - ATTR_DIGEST.length()); + validEntry = true; + + // Check if this algorithm is permitted, skip if false. + if (!permittedCheck(key, algorithm)) { + continue; + } + + // A non-weak algorithm was used, any weak algorithms found do + // not need to be reported. + weakAlgs = false; MessageDigest digest = getDigest(algorithm); if (digest != null) { @@ -426,8 +545,7 @@ debug.println(); } - if (MessageDigest.isEqual(computedHash, - expectedHash)) { + if (MessageDigest.isEqual(computedHash, expectedHash)) { // good } else { // we will *not* continue and verify each section @@ -443,6 +561,22 @@ } } + if (debug != null) { + debug.println("PermittedAlgs mapping: "); + for (String key : permittedAlgs.keySet()) { + debug.println(key + " : " + + permittedAlgs.get(key).toString()); + } + } + + // If there were only weak algorithms entries used, throw an exception. + if (validEntry && weakAlgs) { + throw new SignatureException("Manifest Main Attribute check " + + "failed (" + ATTR_DIGEST + "). " + + "Disabled algorithm(s) used: " + + getWeakAlgorithms(ATTR_DIGEST)); + } + // this method returns 'true' if either: // . manifest main attributes were not signed, or // . manifest main attributes were signed and verified @@ -465,6 +599,10 @@ { boolean oneDigestVerified = false; ManifestDigester.Entry mde = md.get(name,block.isOldStyle()); + // If only weak algorithms are used. + boolean weakAlgs = true; + // If a "*-DIGEST" entry is found. + boolean validEntry = false; if (mde == null) { throw new SecurityException( @@ -472,8 +610,7 @@ } if (sfAttr != null) { - - //sun.misc.HexDumpEncoder hex = new sun.misc.HexDumpEncoder(); + //sun.security.util.HexDumpEncoder hex = new sun.security.util.HexDumpEncoder(); //hex.encodeBuffer(data, System.out); // go through all the attributes and process *-Digest entries @@ -483,6 +620,16 @@ if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST")) { // 7 is length of "-Digest" String algorithm = key.substring(0, key.length()-7); + validEntry = true; + + // Check if this algorithm is permitted, skip if false. + if (!permittedCheck(key, algorithm)) { + continue; + } + + // A non-weak algorithm was used, any weak algorithms found do + // not need to be reported. + weakAlgs = false; MessageDigest digest = getDigest(algorithm); @@ -533,6 +680,22 @@ } } } + + if (debug != null) { + debug.println("PermittedAlgs mapping: "); + for (String key : permittedAlgs.keySet()) { + debug.println(key + " : " + + permittedAlgs.get(key).toString()); + } + } + + // If there were only weak algorithms entries used, throw an exception. + if (validEntry && weakAlgs) { + throw new SignatureException("Manifest Main Attribute check " + + "failed (DIGEST). Disabled algorithm(s) used: " + + getWeakAlgorithms("DIGEST")); + } + return oneDigestVerified; } @@ -541,7 +704,7 @@ * CodeSigner objects. We do this only *once* for a given * signature block file. */ - private CodeSigner[] getSigners(SignerInfo infos[], PKCS7 block) + private CodeSigner[] getSigners(SignerInfo[] infos, PKCS7 block) throws IOException, NoSuchAlgorithmException, SignatureException, CertificateException { @@ -553,7 +716,7 @@ ArrayList<X509Certificate> chain = info.getCertificateChain(block); CertPath certChain = certificateFactory.generateCertPath(chain); if (signers == null) { - signers = new ArrayList<CodeSigner>(); + signers = new ArrayList<>(); } // Append the new code signer signers.add(new CodeSigner(certChain, info.getTimestamp())); @@ -582,7 +745,7 @@ static String toHex(byte[] data) { - StringBuffer sb = new StringBuffer(data.length*2); + StringBuilder sb = new StringBuilder(data.length*2); for (int i=0; i<data.length; i++) { sb.append(hexc[(data[i] >>4) & 0x0f]);
--- a/src/share/classes/sun/security/validator/PKIXValidator.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/validator/PKIXValidator.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -33,10 +33,11 @@ import javax.security.auth.x500.X500Principal; import sun.security.action.GetBooleanAction; import sun.security.provider.certpath.AlgorithmChecker; +import sun.security.provider.certpath.PKIXExtendedParameters; /** * Validator implementation built on the PKIX CertPath API. This - * implementation will be emphasized going forward.<p> + * implementation will be emphasized going forward. * <p> * Note that the validate() implementation tries to use a PKIX validator * if that appears possible and a PKIX builder otherwise. This increases @@ -208,13 +209,22 @@ ("null or zero-length certificate chain"); } - // add new algorithm constraints checker - PKIXBuilderParameters pkixParameters = - (PKIXBuilderParameters) parameterTemplate.clone(); - AlgorithmChecker algorithmChecker = null; + // Use PKIXExtendedParameters for timestamp and variant additions + PKIXBuilderParameters pkixParameters = null; + try { + pkixParameters = new PKIXExtendedParameters( + (PKIXBuilderParameters) parameterTemplate.clone(), + (parameter instanceof Timestamp) ? + (Timestamp) parameter : null, + variant); + } catch (InvalidAlgorithmParameterException e) { + // ignore exception + } + + // add a new algorithm constraints checker if (constraints != null) { - algorithmChecker = new AlgorithmChecker(constraints); - pkixParameters.addCertPathChecker(algorithmChecker); + pkixParameters.addCertPathChecker( + new AlgorithmChecker(constraints, null, variant)); } if (TRY_VALIDATOR) {
--- a/src/share/classes/sun/security/validator/SimpleValidator.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/validator/SimpleValidator.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,7 @@ import javax.security.auth.x500.X500Principal; import sun.security.x509.X509CertImpl; +import sun.security.x509.KeyIdentifier; import sun.security.x509.NetscapeCertTypeExtension; import sun.security.util.DerValue; import sun.security.util.DerInputStream; @@ -153,12 +154,14 @@ // create default algorithm constraints checker TrustAnchor anchor = new TrustAnchor(anchorCert, null); - AlgorithmChecker defaultAlgChecker = new AlgorithmChecker(anchor); + AlgorithmChecker defaultAlgChecker = + new AlgorithmChecker(anchor, variant); // create application level algorithm constraints checker AlgorithmChecker appAlgChecker = null; if (constraints != null) { - appAlgChecker = new AlgorithmChecker(anchor, constraints); + appAlgChecker = new AlgorithmChecker(anchor, constraints, null, + null, variant); } // verify top down, starting at the certificate issued by
--- a/src/share/classes/sun/security/x509/PKIXExtensions.java Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/classes/sun/security/x509/PKIXExtensions.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -49,34 +49,39 @@ */ public class PKIXExtensions { // The object identifiers - private static final int AuthorityKey_data [] = { 2, 5, 29, 35 }; - private static final int SubjectKey_data [] = { 2, 5, 29, 14 }; - private static final int KeyUsage_data [] = { 2, 5, 29, 15 }; - private static final int PrivateKeyUsage_data [] = { 2, 5, 29, 16 }; - private static final int CertificatePolicies_data [] = { 2, 5, 29, 32 }; - private static final int PolicyMappings_data [] = { 2, 5, 29, 33 }; - private static final int SubjectAlternativeName_data [] = { 2, 5, 29, 17 }; - private static final int IssuerAlternativeName_data [] = { 2, 5, 29, 18 }; - private static final int SubjectDirectoryAttributes_data [] = { 2, 5, 29, 9 }; - private static final int BasicConstraints_data [] = { 2, 5, 29, 19 }; - private static final int NameConstraints_data [] = { 2, 5, 29, 30 }; - private static final int PolicyConstraints_data [] = { 2, 5, 29, 36 }; - private static final int CRLDistributionPoints_data [] = { 2, 5, 29, 31 }; - private static final int CRLNumber_data [] = { 2, 5, 29, 20 }; - private static final int IssuingDistributionPoint_data [] = { 2, 5, 29, 28 }; - private static final int DeltaCRLIndicator_data [] = { 2, 5, 29, 27 }; - private static final int ReasonCode_data [] = { 2, 5, 29, 21 }; - private static final int HoldInstructionCode_data [] = { 2, 5, 29, 23 }; - private static final int InvalidityDate_data [] = { 2, 5, 29, 24 }; - private static final int ExtendedKeyUsage_data [] = { 2, 5, 29, 37 }; - private static final int InhibitAnyPolicy_data [] = { 2, 5, 29, 54 }; - private static final int CertificateIssuer_data [] = { 2, 5, 29, 29 }; - private static final int AuthInfoAccess_data [] = { 1, 3, 6, 1, 5, 5, 7, 1, 1}; - private static final int SubjectInfoAccess_data [] = { 1, 3, 6, 1, 5, 5, 7, 1, 11}; - private static final int FreshestCRL_data [] = { 2, 5, 29, 46 }; - private static final int OCSPNoCheck_data [] = { 1, 3, 6, 1, 5, 5, 7, + private static final int[] AuthorityKey_data = { 2, 5, 29, 35 }; + private static final int[] SubjectKey_data = { 2, 5, 29, 14 }; + private static final int[] KeyUsage_data = { 2, 5, 29, 15 }; + private static final int[] PrivateKeyUsage_data = { 2, 5, 29, 16 }; + private static final int[] CertificatePolicies_data = { 2, 5, 29, 32 }; + private static final int[] PolicyMappings_data = { 2, 5, 29, 33 }; + private static final int[] SubjectAlternativeName_data = { 2, 5, 29, 17 }; + private static final int[] IssuerAlternativeName_data = { 2, 5, 29, 18 }; + private static final int[] SubjectDirectoryAttributes_data = { 2, 5, 29, 9 }; + private static final int[] BasicConstraints_data = { 2, 5, 29, 19 }; + private static final int[] NameConstraints_data = { 2, 5, 29, 30 }; + private static final int[] PolicyConstraints_data = { 2, 5, 29, 36 }; + private static final int[] CRLDistributionPoints_data = { 2, 5, 29, 31 }; + private static final int[] CRLNumber_data = { 2, 5, 29, 20 }; + private static final int[] IssuingDistributionPoint_data = { 2, 5, 29, 28 }; + private static final int[] DeltaCRLIndicator_data = { 2, 5, 29, 27 }; + private static final int[] ReasonCode_data = { 2, 5, 29, 21 }; + private static final int[] HoldInstructionCode_data = { 2, 5, 29, 23 }; + private static final int[] InvalidityDate_data = { 2, 5, 29, 24 }; + private static final int[] ExtendedKeyUsage_data = { 2, 5, 29, 37 }; + private static final int[] InhibitAnyPolicy_data = { 2, 5, 29, 54 }; + private static final int[] CertificateIssuer_data = { 2, 5, 29, 29 }; + private static final int[] AuthInfoAccess_data = { 1, 3, 6, 1, 5, 5, 7, 1, 1}; + private static final int[] SubjectInfoAccess_data = { 1, 3, 6, 1, 5, 5, 7, 1, 11}; + private static final int[] FreshestCRL_data = { 2, 5, 29, 46 }; + private static final int[] OCSPNoCheck_data = { 1, 3, 6, 1, 5, 5, 7, 48, 1, 5}; + // Additional extensions under the PKIX arc that are not necessarily + // used in X.509 Certificates or CRLs. + private static final int[] OCSPNonce_data = { 1, 3, 6, 1, 5, 5, 7, + 48, 1, 2}; + /** * Identifies the particular public key used to sign the certificate. */ @@ -104,18 +109,20 @@ public static final ObjectIdentifier CertificatePolicies_Id; /** - * Lists pairs of objectidentifiers of policies considered equivalent by the - * issuing CA to the subject CA. + * Lists pairs of object identifiers of policies considered equivalent by + * the issuing CA to the subject CA. */ public static final ObjectIdentifier PolicyMappings_Id; /** - * Allows additional identities to be bound to the subject of the certificate. + * Allows additional identities to be bound to the subject of the + * certificate. */ public static final ObjectIdentifier SubjectAlternativeName_Id; /** - * Allows additional identities to be associated with the certificate issuer. + * Allows additional identities to be associated with the certificate + * issuer. */ public static final ObjectIdentifier IssuerAlternativeName_Id; @@ -224,6 +231,12 @@ */ public static final ObjectIdentifier OCSPNoCheck_Id; + /** + * This extension is used to provide nonce data for OCSP requests + * or responses. + */ + public static final ObjectIdentifier OCSPNonce_Id; + static { AuthorityKey_Id = ObjectIdentifier.newInternal(AuthorityKey_data); SubjectKey_Id = ObjectIdentifier.newInternal(SubjectKey_data); @@ -266,5 +279,6 @@ ObjectIdentifier.newInternal(SubjectInfoAccess_data); FreshestCRL_Id = ObjectIdentifier.newInternal(FreshestCRL_data); OCSPNoCheck_Id = ObjectIdentifier.newInternal(OCSPNoCheck_data); + OCSPNonce_Id = ObjectIdentifier.newInternal(OCSPNonce_data); } }
--- a/src/share/lib/security/java.security-aix Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/lib/security/java.security-aix Wed Jul 19 05:41:28 2017 +0100 @@ -209,6 +209,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -256,6 +258,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -429,9 +433,7 @@ # describes the mechanism for disabling algorithms based on algorithm name # and/or key length. This includes algorithms used in certificates, as well # as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: +# The syntax of the disabled algorithm string is described as follows: # DisabledAlgorithms: # " DisabledAlgorithm { , DisabledAlgorithm } " # @@ -442,25 +444,26 @@ # (see below) # # Constraint: -# KeySizeConstraint, CertConstraint +# KeySizeConstraint | CAConstraint | DenyAfterConstraint | +# UsageConstraint # # KeySizeConstraint: -# keySize Operator DecimalInteger +# keySize Operator KeyLength # # Operator: # <= | < | == | != | >= | > # -# DecimalInteger: -# DecimalDigits +# KeyLength: +# Integer value of the algorithm's key length in bits # -# DecimalDigits: -# DecimalDigit {DecimalDigit} +# CAConstraint: +# jdkCA # -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD # -# CertConstraint -# jdkCA +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] # # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name @@ -474,27 +477,55 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. +# A "Constraint" defines restrictions on the keys and/or certificates for +# a specified AlgorithmName: +# +# KeySizeConstraint: +# keySize Operator KeyLength +# The constraint requires a key of a valid size range if the +# "AlgorithmName" is of a key algorithm. The "KeyLength" indicates +# the key size specified in number of bits. For example, +# "RSA keySize <= 1024" indicates that any RSA key with key size less +# than or equal to 1024 bits should be disabled, and +# "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key +# with key size less than 1024 or greater than 2048 should be disabled. +# This constraint is only used on algorithms that have a key size. +# +# CAConstraint: +# jdkCA +# This constraint prohibits the specified algorithm only if the +# algorithm is used in a certificate chain that terminates at a marked +# trust anchor in the lib/security/cacerts keystore. If the jdkCA +# constraint is not set, then all chains using the specified algorithm +# are restricted. jdkCA may only be used once in a DisabledAlgorithm +# expression. +# Example: To apply this constraint to SHA-1 certificates, include +# the following: "SHA1 jdkCA" # -# "CertConstraint" specifies additional constraints for -# certificates that contain algorithms that are restricted: +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# This constraint prohibits a certificate with the specified algorithm +# from being used after the date regardless of the certificate's +# validity. JAR files that are signed and timestamped before the +# constraint date with certificates containing the disabled algorithm +# will not be restricted. The date is processed in the UTC timezone. +# This constraint can only be used once in a DisabledAlgorithm +# expression. +# Example: To deny usage of RSA 2048 bit certificates after Feb 3 2020, +# use the following: "RSA keySize == 2048 & denyAfter 2020-02-03" # -# "jdkCA" prohibits the specified algorithm only if the algorithm is used -# in a certificate chain that terminates at a marked trust anchor in the -# lib/security/cacerts keystore. All other chains are not affected. -# If the jdkCA constraint is not set, then all chains using the -# specified algorithm are restricted. jdkCA may only be used once in -# a DisabledAlgorithm expression. -# Example: To apply this constraint to SHA-1 certificates, include -# the following "SHA1 jdkCA" +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] +# This constraint prohibits the specified algorithm for +# a specified usage. This should be used when disabling an algorithm +# for all usages is not practical. 'TLSServer' restricts the algorithm +# in TLS server certificate chains when server authentication is +# performed. 'TLSClient' restricts the algorithm in TLS client +# certificate chains when client authentication is performed. +# 'SignedJAR' constrains use of certificates in signed jar files. +# The usage type follows the keyword and more than one usage type can +# be specified with a whitespace delimiter. +# Example: "SHA1 usage TLSServer TLSClient" # # When an algorithm must satisfy more than one constraint, it must be # delimited by an ampersand '&'. For example, to restrict certificates in a @@ -507,6 +538,9 @@ # before larger keysize constraints of the same algorithm. For example: # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048". # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by Oracle's PKIX implementation. It # is not guaranteed to be examined and used by other implementations. # @@ -514,9 +548,10 @@ # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ - DSA keySize < 1024, EC keySize < 224 +jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 +# # Algorithm restrictions for signed JAR files # # In some environments, certain algorithms or key lengths may be undesirable @@ -531,17 +566,20 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] +# AlgorithmName [Constraint] { '&' Constraint } # # AlgorithmName: # (see below) # # Constraint: -# KeySizeConstraint +# KeySizeConstraint | DenyAfterConstraint # # KeySizeConstraint: # keySize Operator KeyLength # +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# # Operator: # <= | < | == | != | >= | > # @@ -552,8 +590,11 @@ # implementation. It is not guaranteed to be examined and used by other # implementations. # +# See "jdk.certpath.disabledAlgorithms" for syntax descriptions. +# jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +# # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing # @@ -575,6 +616,9 @@ # See the specification of "jdk.certpath.disabledAlgorithms" for the # syntax of the disabled algorithm string. # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by the JDK Reference implementation. # It is not guaranteed to be examined and used by other implementations. #
--- a/src/share/lib/security/java.security-linux Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/lib/security/java.security-linux Wed Jul 19 05:41:28 2017 +0100 @@ -209,6 +209,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -256,6 +258,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -429,9 +433,7 @@ # describes the mechanism for disabling algorithms based on algorithm name # and/or key length. This includes algorithms used in certificates, as well # as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: +# The syntax of the disabled algorithm string is described as follows: # DisabledAlgorithms: # " DisabledAlgorithm { , DisabledAlgorithm } " # @@ -442,25 +444,26 @@ # (see below) # # Constraint: -# KeySizeConstraint, CertConstraint +# KeySizeConstraint | CAConstraint | DenyAfterConstraint | +# UsageConstraint # # KeySizeConstraint: -# keySize Operator DecimalInteger +# keySize Operator KeyLength # # Operator: # <= | < | == | != | >= | > # -# DecimalInteger: -# DecimalDigits +# KeyLength: +# Integer value of the algorithm's key length in bits # -# DecimalDigits: -# DecimalDigit {DecimalDigit} +# CAConstraint: +# jdkCA # -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD # -# CertConstraint -# jdkCA +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] # # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name @@ -474,27 +477,55 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. +# A "Constraint" defines restrictions on the keys and/or certificates for +# a specified AlgorithmName: +# +# KeySizeConstraint: +# keySize Operator KeyLength +# The constraint requires a key of a valid size range if the +# "AlgorithmName" is of a key algorithm. The "KeyLength" indicates +# the key size specified in number of bits. For example, +# "RSA keySize <= 1024" indicates that any RSA key with key size less +# than or equal to 1024 bits should be disabled, and +# "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key +# with key size less than 1024 or greater than 2048 should be disabled. +# This constraint is only used on algorithms that have a key size. +# +# CAConstraint: +# jdkCA +# This constraint prohibits the specified algorithm only if the +# algorithm is used in a certificate chain that terminates at a marked +# trust anchor in the lib/security/cacerts keystore. If the jdkCA +# constraint is not set, then all chains using the specified algorithm +# are restricted. jdkCA may only be used once in a DisabledAlgorithm +# expression. +# Example: To apply this constraint to SHA-1 certificates, include +# the following: "SHA1 jdkCA" # -# "CertConstraint" specifies additional constraints for -# certificates that contain algorithms that are restricted: +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# This constraint prohibits a certificate with the specified algorithm +# from being used after the date regardless of the certificate's +# validity. JAR files that are signed and timestamped before the +# constraint date with certificates containing the disabled algorithm +# will not be restricted. The date is processed in the UTC timezone. +# This constraint can only be used once in a DisabledAlgorithm +# expression. +# Example: To deny usage of RSA 2048 bit certificates after Feb 3 2020, +# use the following: "RSA keySize == 2048 & denyAfter 2020-02-03" # -# "jdkCA" prohibits the specified algorithm only if the algorithm is used -# in a certificate chain that terminates at a marked trust anchor in the -# lib/security/cacerts keystore. All other chains are not affected. -# If the jdkCA constraint is not set, then all chains using the -# specified algorithm are restricted. jdkCA may only be used once in -# a DisabledAlgorithm expression. -# Example: To apply this constraint to SHA-1 certificates, include -# the following: "SHA1 jdkCA" +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] +# This constraint prohibits the specified algorithm for +# a specified usage. This should be used when disabling an algorithm +# for all usages is not practical. 'TLSServer' restricts the algorithm +# in TLS server certificate chains when server authentication is +# performed. 'TLSClient' restricts the algorithm in TLS client +# certificate chains when client authentication is performed. +# 'SignedJAR' constrains use of certificates in signed jar files. +# The usage type follows the keyword and more than one usage type can +# be specified with a whitespace delimiter. +# Example: "SHA1 usage TLSServer TLSClient" # # When an algorithm must satisfy more than one constraint, it must be # delimited by an ampersand '&'. For example, to restrict certificates in a @@ -507,6 +538,9 @@ # before larger keysize constraints of the same algorithm. For example: # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048". # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by Oracle's PKIX implementation. It # is not guaranteed to be examined and used by other implementations. # @@ -514,9 +548,10 @@ # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ - DSA keySize < 1024, EC keySize < 224 +jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 +# # Algorithm restrictions for signed JAR files # # In some environments, certain algorithms or key lengths may be undesirable @@ -531,17 +566,20 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] +# AlgorithmName [Constraint] { '&' Constraint } # # AlgorithmName: # (see below) # # Constraint: -# KeySizeConstraint +# KeySizeConstraint | DenyAfterConstraint # # KeySizeConstraint: # keySize Operator KeyLength # +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# # Operator: # <= | < | == | != | >= | > # @@ -552,8 +590,11 @@ # implementation. It is not guaranteed to be examined and used by other # implementations. # +# See "jdk.certpath.disabledAlgorithms" for syntax descriptions. +# jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +# # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing # @@ -575,6 +616,9 @@ # See the specification of "jdk.certpath.disabledAlgorithms" for the # syntax of the disabled algorithm string. # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by the JDK Reference implementation. # It is not guaranteed to be examined and used by other implementations. #
--- a/src/share/lib/security/java.security-macosx Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/lib/security/java.security-macosx Wed Jul 19 05:41:28 2017 +0100 @@ -210,6 +210,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -258,6 +260,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -432,9 +436,7 @@ # describes the mechanism for disabling algorithms based on algorithm name # and/or key length. This includes algorithms used in certificates, as well # as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: +# The syntax of the disabled algorithm string is described as follows: # DisabledAlgorithms: # " DisabledAlgorithm { , DisabledAlgorithm } " # @@ -445,25 +447,26 @@ # (see below) # # Constraint: -# KeySizeConstraint, CertConstraint +# KeySizeConstraint | CAConstraint | DenyAfterConstraint | +# UsageConstraint # # KeySizeConstraint: -# keySize Operator DecimalInteger +# keySize Operator KeyLength # # Operator: # <= | < | == | != | >= | > # -# DecimalInteger: -# DecimalDigits +# KeyLength: +# Integer value of the algorithm's key length in bits # -# DecimalDigits: -# DecimalDigit {DecimalDigit} +# CAConstraint: +# jdkCA # -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD # -# CertConstraint -# jdkCA +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] # # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name @@ -477,27 +480,55 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. +# A "Constraint" defines restrictions on the keys and/or certificates for +# a specified AlgorithmName: +# +# KeySizeConstraint: +# keySize Operator KeyLength +# The constraint requires a key of a valid size range if the +# "AlgorithmName" is of a key algorithm. The "KeyLength" indicates +# the key size specified in number of bits. For example, +# "RSA keySize <= 1024" indicates that any RSA key with key size less +# than or equal to 1024 bits should be disabled, and +# "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key +# with key size less than 1024 or greater than 2048 should be disabled. +# This constraint is only used on algorithms that have a key size. +# +# CAConstraint: +# jdkCA +# This constraint prohibits the specified algorithm only if the +# algorithm is used in a certificate chain that terminates at a marked +# trust anchor in the lib/security/cacerts keystore. If the jdkCA +# constraint is not set, then all chains using the specified algorithm +# are restricted. jdkCA may only be used once in a DisabledAlgorithm +# expression. +# Example: To apply this constraint to SHA-1 certificates, include +# the following: "SHA1 jdkCA" # -# "CertConstraint" specifies additional constraints for -# certificates that contain algorithms that are restricted: +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# This constraint prohibits a certificate with the specified algorithm +# from being used after the date regardless of the certificate's +# validity. JAR files that are signed and timestamped before the +# constraint date with certificates containing the disabled algorithm +# will not be restricted. The date is processed in the UTC timezone. +# This constraint can only be used once in a DisabledAlgorithm +# expression. +# Example: To deny usage of RSA 2048 bit certificates after Feb 3 2020, +# use the following: "RSA keySize == 2048 & denyAfter 2020-02-03" # -# "jdkCA" prohibits the specified algorithm only if the algorithm is used -# in a certificate chain that terminates at a marked trust anchor in the -# lib/security/cacerts keystore. All other chains are not affected. -# If the jdkCA constraint is not set, then all chains using the -# specified algorithm are restricted. jdkCA may only be used once in -# a DisabledAlgorithm expression. -# Example: To apply this constraint to SHA-1 certificates, include -# the following: "SHA1 jdkCA" +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] +# This constraint prohibits the specified algorithm for +# a specified usage. This should be used when disabling an algorithm +# for all usages is not practical. 'TLSServer' restricts the algorithm +# in TLS server certificate chains when server authentication is +# performed. 'TLSClient' restricts the algorithm in TLS client +# certificate chains when client authentication is performed. +# 'SignedJAR' constrains use of certificates in signed jar files. +# The usage type follows the keyword and more than one usage type can +# be specified with a whitespace delimiter. +# Example: "SHA1 usage TLSServer TLSClient" # # When an algorithm must satisfy more than one constraint, it must be # delimited by an ampersand '&'. For example, to restrict certificates in a @@ -510,6 +541,9 @@ # before larger keysize constraints of the same algorithm. For example: # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048". # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by Oracle's PKIX implementation. It # is not guaranteed to be examined and used by other implementations. # @@ -517,9 +551,10 @@ # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ - DSA keySize < 1024, EC keySize < 224 +jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 +# # Algorithm restrictions for signed JAR files # # In some environments, certain algorithms or key lengths may be undesirable @@ -534,17 +569,20 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] +# AlgorithmName [Constraint] { '&' Constraint } # # AlgorithmName: # (see below) # # Constraint: -# KeySizeConstraint +# KeySizeConstraint | DenyAfterConstraint # # KeySizeConstraint: # keySize Operator KeyLength # +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# # Operator: # <= | < | == | != | >= | > # @@ -555,8 +593,11 @@ # implementation. It is not guaranteed to be examined and used by other # implementations. # +# See "jdk.certpath.disabledAlgorithms" for syntax descriptions. +# jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +# # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing # @@ -578,6 +619,9 @@ # See the specification of "jdk.certpath.disabledAlgorithms" for the # syntax of the disabled algorithm string. # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by the JDK Reference implementation. # It is not guaranteed to be examined and used by other implementations. #
--- a/src/share/lib/security/java.security-solaris Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/lib/security/java.security-solaris Wed Jul 19 05:41:28 2017 +0100 @@ -211,6 +211,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -258,6 +260,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -431,9 +435,7 @@ # describes the mechanism for disabling algorithms based on algorithm name # and/or key length. This includes algorithms used in certificates, as well # as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: +# The syntax of the disabled algorithm string is described as follows: # DisabledAlgorithms: # " DisabledAlgorithm { , DisabledAlgorithm } " # @@ -444,25 +446,26 @@ # (see below) # # Constraint: -# KeySizeConstraint, CertConstraint +# KeySizeConstraint | CAConstraint | DenyAfterConstraint | +# UsageConstraint # # KeySizeConstraint: -# keySize Operator DecimalInteger +# keySize Operator KeyLength # # Operator: # <= | < | == | != | >= | > # -# DecimalInteger: -# DecimalDigits +# KeyLength: +# Integer value of the algorithm's key length in bits # -# DecimalDigits: -# DecimalDigit {DecimalDigit} +# CAConstraint: +# jdkCA # -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD # -# CertConstraint -# jdkCA +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] # # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name @@ -476,27 +479,55 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. +# A "Constraint" defines restrictions on the keys and/or certificates for +# a specified AlgorithmName: +# +# KeySizeConstraint: +# keySize Operator KeyLength +# The constraint requires a key of a valid size range if the +# "AlgorithmName" is of a key algorithm. The "KeyLength" indicates +# the key size specified in number of bits. For example, +# "RSA keySize <= 1024" indicates that any RSA key with key size less +# than or equal to 1024 bits should be disabled, and +# "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key +# with key size less than 1024 or greater than 2048 should be disabled. +# This constraint is only used on algorithms that have a key size. +# +# CAConstraint: +# jdkCA +# This constraint prohibits the specified algorithm only if the +# algorithm is used in a certificate chain that terminates at a marked +# trust anchor in the lib/security/cacerts keystore. If the jdkCA +# constraint is not set, then all chains using the specified algorithm +# are restricted. jdkCA may only be used once in a DisabledAlgorithm +# expression. +# Example: To apply this constraint to SHA-1 certificates, include +# the following: "SHA1 jdkCA" # -# "CertConstraint" specifies additional constraints for -# certificates that contain algorithms that are restricted: +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# This constraint prohibits a certificate with the specified algorithm +# from being used after the date regardless of the certificate's +# validity. JAR files that are signed and timestamped before the +# constraint date with certificates containing the disabled algorithm +# will not be restricted. The date is processed in the UTC timezone. +# This constraint can only be used once in a DisabledAlgorithm +# expression. +# Example: To deny usage of RSA 2048 bit certificates after Feb 3 2020, +# use the following: "RSA keySize == 2048 & denyAfter 2020-02-03" # -# "jdkCA" prohibits the specified algorithm only if the algorithm is used -# in a certificate chain that terminates at a marked trust anchor in the -# lib/security/cacerts keystore. All other chains are not affected. -# If the jdkCA constraint is not set, then all chains using the -# specified algorithm are restricted. jdkCA may only be used once in -# a DisabledAlgorithm expression. -# Example: To apply this constraint to SHA-1 certificates, include -# the following: "SHA1 jdkCA" +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] +# This constraint prohibits the specified algorithm for +# a specified usage. This should be used when disabling an algorithm +# for all usages is not practical. 'TLSServer' restricts the algorithm +# in TLS server certificate chains when server authentication is +# performed. 'TLSClient' restricts the algorithm in TLS client +# certificate chains when client authentication is performed. +# 'SignedJAR' constrains use of certificates in signed jar files. +# The usage type follows the keyword and more than one usage type can +# be specified with a whitespace delimiter. +# Example: "SHA1 usage TLSServer TLSClient" # # When an algorithm must satisfy more than one constraint, it must be # delimited by an ampersand '&'. For example, to restrict certificates in a @@ -509,6 +540,9 @@ # before larger keysize constraints of the same algorithm. For example: # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048". # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by Oracle's PKIX implementation. It # is not guaranteed to be examined and used by other implementations. # @@ -516,9 +550,10 @@ # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ - DSA keySize < 1024, EC keySize < 224 +jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 +# # Algorithm restrictions for signed JAR files # # In some environments, certain algorithms or key lengths may be undesirable @@ -533,17 +568,20 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] +# AlgorithmName [Constraint] { '&' Constraint } # # AlgorithmName: # (see below) # # Constraint: -# KeySizeConstraint +# KeySizeConstraint | DenyAfterConstraint # # KeySizeConstraint: # keySize Operator KeyLength # +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# # Operator: # <= | < | == | != | >= | > # @@ -554,8 +592,11 @@ # implementation. It is not guaranteed to be examined and used by other # implementations. # +# See "jdk.certpath.disabledAlgorithms" for syntax descriptions. +# jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +# # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing # @@ -577,6 +618,9 @@ # See the specification of "jdk.certpath.disabledAlgorithms" for the # syntax of the disabled algorithm string. # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by the JDK Reference implementation. # It is not guaranteed to be examined and used by other implementations. #
--- a/src/share/lib/security/java.security-windows Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/lib/security/java.security-windows Wed Jul 19 05:41:28 2017 +0100 @@ -210,6 +210,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -258,6 +260,8 @@ com.sun.org.apache.xalan.internal.xsltc.trax.,\ com.sun.org.apache.xalan.internal.xsltc.util.,\ com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.resolver.helpers.,\ + com.sun.org.apache.xml.internal.resolver.readers.,\ com.sun.org.apache.xml.internal.security.,\ com.sun.org.apache.xml.internal.serializer.utils.,\ com.sun.org.apache.xml.internal.utils.,\ @@ -432,9 +436,7 @@ # describes the mechanism for disabling algorithms based on algorithm name # and/or key length. This includes algorithms used in certificates, as well # as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: +# The syntax of the disabled algorithm string is described as follows: # DisabledAlgorithms: # " DisabledAlgorithm { , DisabledAlgorithm } " # @@ -445,25 +447,26 @@ # (see below) # # Constraint: -# KeySizeConstraint, CertConstraint +# KeySizeConstraint | CAConstraint | DenyAfterConstraint | +# UsageConstraint # # KeySizeConstraint: -# keySize Operator DecimalInteger +# keySize Operator KeyLength # # Operator: # <= | < | == | != | >= | > # -# DecimalInteger: -# DecimalDigits +# KeyLength: +# Integer value of the algorithm's key length in bits # -# DecimalDigits: -# DecimalDigit {DecimalDigit} +# CAConstraint: +# jdkCA # -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD # -# CertConstraint -# jdkCA +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] # # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name @@ -477,27 +480,55 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. +# A "Constraint" defines restrictions on the keys and/or certificates for +# a specified AlgorithmName: +# +# KeySizeConstraint: +# keySize Operator KeyLength +# The constraint requires a key of a valid size range if the +# "AlgorithmName" is of a key algorithm. The "KeyLength" indicates +# the key size specified in number of bits. For example, +# "RSA keySize <= 1024" indicates that any RSA key with key size less +# than or equal to 1024 bits should be disabled, and +# "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key +# with key size less than 1024 or greater than 2048 should be disabled. +# This constraint is only used on algorithms that have a key size. +# +# CAConstraint: +# jdkCA +# This constraint prohibits the specified algorithm only if the +# algorithm is used in a certificate chain that terminates at a marked +# trust anchor in the lib/security/cacerts keystore. If the jdkCA +# constraint is not set, then all chains using the specified algorithm +# are restricted. jdkCA may only be used once in a DisabledAlgorithm +# expression. +# Example: To apply this constraint to SHA-1 certificates, include +# the following: "SHA1 jdkCA" # -# "CertConstraint" specifies additional constraints for -# certificates that contain algorithms that are restricted: +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# This constraint prohibits a certificate with the specified algorithm +# from being used after the date regardless of the certificate's +# validity. JAR files that are signed and timestamped before the +# constraint date with certificates containing the disabled algorithm +# will not be restricted. The date is processed in the UTC timezone. +# This constraint can only be used once in a DisabledAlgorithm +# expression. +# Example: To deny usage of RSA 2048 bit certificates after Feb 3 2020, +# use the following: "RSA keySize == 2048 & denyAfter 2020-02-03" # -# "jdkCA" prohibits the specified algorithm only if the algorithm is used -# in a certificate chain that terminates at a marked trust anchor in the -# lib/security/cacerts keystore. All other chains are not affected. -# If the jdkCA constraint is not set, then all chains using the -# specified algorithm are restricted. jdkCA may only be used once in -# a DisabledAlgorithm expression. -# Example: To apply this constraint to SHA-1 certificates, include -# the following: "SHA1 jdkCA" +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] +# This constraint prohibits the specified algorithm for +# a specified usage. This should be used when disabling an algorithm +# for all usages is not practical. 'TLSServer' restricts the algorithm +# in TLS server certificate chains when server authentication is +# performed. 'TLSClient' restricts the algorithm in TLS client +# certificate chains when client authentication is performed. +# 'SignedJAR' constrains use of certificates in signed jar files. +# The usage type follows the keyword and more than one usage type can +# be specified with a whitespace delimiter. +# Example: "SHA1 usage TLSServer TLSClient" # # When an algorithm must satisfy more than one constraint, it must be # delimited by an ampersand '&'. For example, to restrict certificates in a @@ -510,6 +541,9 @@ # before larger keysize constraints of the same algorithm. For example: # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048". # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by Oracle's PKIX implementation. It # is not guaranteed to be examined and used by other implementations. # @@ -517,9 +551,10 @@ # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ - DSA keySize < 1024, EC keySize < 224 +jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 +# # Algorithm restrictions for signed JAR files # # In some environments, certain algorithms or key lengths may be undesirable @@ -534,17 +569,20 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] +# AlgorithmName [Constraint] { '&' Constraint } # # AlgorithmName: # (see below) # # Constraint: -# KeySizeConstraint +# KeySizeConstraint | DenyAfterConstraint # # KeySizeConstraint: # keySize Operator KeyLength # +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# # Operator: # <= | < | == | != | >= | > # @@ -555,8 +593,11 @@ # implementation. It is not guaranteed to be examined and used by other # implementations. # +# See "jdk.certpath.disabledAlgorithms" for syntax descriptions. +# jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +# # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing # @@ -578,6 +619,9 @@ # See the specification of "jdk.certpath.disabledAlgorithms" for the # syntax of the disabled algorithm string. # +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# # Note: This property is currently used by the JDK Reference implementation. # It is not guaranteed to be examined and used by other implementations. #
--- a/src/share/native/common/check_code.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/common/check_code.c Wed Jul 19 05:41:28 2017 +0100 @@ -457,6 +457,8 @@ static fullinfo_type cp_index_to_class_fullinfo(context_type *, int, int); +static const char* get_result_signature(const char* signature); + static char signature_to_fieldtype(context_type *context, const char **signature_p, fullinfo_type *info); @@ -2775,7 +2777,7 @@ operand); const char *result_signature; check_and_push(context, signature, VM_STRING_UTF); - result_signature = strchr(signature, JVM_SIGNATURE_ENDFUNC); + result_signature = get_result_signature(signature); if (result_signature++ == NULL) { CCerror(context, "Illegal signature %s", signature); } @@ -3698,6 +3700,42 @@ longjmp(context->jump_buffer, 1); } +/* + * Need to scan the entire signature to find the result type because + * types in the arg list and the result type could contain embedded ')'s. + */ +static const char* get_result_signature(const char* signature) { + const char *p; + for (p = signature; *p != JVM_SIGNATURE_ENDFUNC; p++) { + switch (*p) { + case JVM_SIGNATURE_BOOLEAN: + case JVM_SIGNATURE_BYTE: + case JVM_SIGNATURE_CHAR: + case JVM_SIGNATURE_SHORT: + case JVM_SIGNATURE_INT: + case JVM_SIGNATURE_FLOAT: + case JVM_SIGNATURE_DOUBLE: + case JVM_SIGNATURE_LONG: + case JVM_SIGNATURE_FUNC: /* ignore initial (, if given */ + break; + case JVM_SIGNATURE_CLASS: + while (*p != JVM_SIGNATURE_ENDCLASS) p++; + break; + case JVM_SIGNATURE_ARRAY: + while (*p == JVM_SIGNATURE_ARRAY) p++; + /* If an array of classes, skip over class name, too. */ + if (*p == JVM_SIGNATURE_CLASS) { + while (*p != JVM_SIGNATURE_ENDCLASS) p++; + } + break; + default: + /* Indicate an error. */ + return NULL; + } + } + return p++; /* skip over ')'. */ +} + static char signature_to_fieldtype(context_type *context, const char **signature_p, fullinfo_type *full_info_p)
--- a/src/share/native/sun/awt/image/jpeg/imageioJPEG.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/image/jpeg/imageioJPEG.c Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -72,6 +72,7 @@ static jmethodID JPEGImageReader_pushBackID; static jmethodID JPEGImageReader_passStartedID; static jmethodID JPEGImageReader_passCompleteID; +static jmethodID JPEGImageReader_skipPastImageID; static jmethodID JPEGImageWriter_writeOutputDataID; static jmethodID JPEGImageWriter_warningOccurredID; static jmethodID JPEGImageWriter_warningWithMessageID; @@ -553,30 +554,43 @@ METHODDEF(void) sun_jpeg_output_message (j_common_ptr cinfo) { - char buffer[JMSG_LENGTH_MAX]; - jstring string; - imageIODataPtr data = (imageIODataPtr) cinfo->client_data; - JNIEnv *env = (JNIEnv *)JNU_GetEnv(jvm, JNI_VERSION_1_2); - jobject theObject; - - /* Create the message */ - (*cinfo->err->format_message) (cinfo, buffer); - - // Create a new java string from the message - string = (*env)->NewStringUTF(env, buffer); - CHECK_NULL(string); - - theObject = data->imageIOobj; - - if (cinfo->is_decompressor) { - (*env)->CallVoidMethod(env, theObject, - JPEGImageReader_warningWithMessageID, - string); - } else { - (*env)->CallVoidMethod(env, theObject, - JPEGImageWriter_warningWithMessageID, - string); - } + char buffer[JMSG_LENGTH_MAX]; + jstring string; + imageIODataPtr data = (imageIODataPtr) cinfo->client_data; + JNIEnv *env = (JNIEnv *)JNU_GetEnv(jvm, JNI_VERSION_1_2); + jobject theObject; + + /* Create the message */ + (*cinfo->err->format_message) (cinfo, buffer); + + // Create a new java string from the message + string = (*env)->NewStringUTF(env, buffer); + CHECK_NULL(string); + + theObject = data->imageIOobj; + + if (cinfo->is_decompressor) { + struct jpeg_source_mgr *src = ((j_decompress_ptr)cinfo)->src; + RELEASE_ARRAYS(env, data, src->next_input_byte); + (*env)->CallVoidMethod(env, theObject, + JPEGImageReader_warningWithMessageID, + string); + if ((*env)->ExceptionOccurred(env) + || !GET_ARRAYS(env, data, &(src->next_input_byte))) { + cinfo->err->error_exit(cinfo); + } + } else { + struct jpeg_destination_mgr *dest = ((j_compress_ptr)cinfo)->dest; + RELEASE_ARRAYS(env, data, (const JOCTET *)(dest->next_output_byte)); + (*env)->CallVoidMethod(env, theObject, + JPEGImageWriter_warningWithMessageID, + string); + if ((*env)->ExceptionOccurred(env) + || !GET_ARRAYS(env, data, + (const JOCTET **)(&dest->next_output_byte))) { + cinfo->err->error_exit(cinfo); + } + } } /* End of verbatim copy from jpegdecoder.c */ @@ -1043,6 +1057,7 @@ if (!GET_ARRAYS(env, data, &(src->next_input_byte))) { cinfo->err->error_exit((j_common_ptr) cinfo); } + RELEASE_ARRAYS(env, data, src->next_input_byte); return; } @@ -1458,6 +1473,10 @@ cls, "pushBack", "(I)V")); + CHECK_NULL(JPEGImageReader_skipPastImageID = (*env)->GetMethodID(env, + cls, + "skipPastImage", + "(I)V")); CHECK_NULL(JPEGQTable_tableID = (*env)->GetFieldID(env, qTableClass, "qTable", @@ -1798,9 +1817,14 @@ cinfo->out_color_space, cinfo->num_components, profileData); + if ((*env)->ExceptionOccurred(env) + || !GET_ARRAYS(env, data, &(src->next_input_byte))) { + cinfo->err->error_exit((j_common_ptr) cinfo); + } if (reset) { jpeg_abort_decompress(cinfo); } + RELEASE_ARRAYS(env, data, src->next_input_byte); } return retval; @@ -1834,6 +1858,7 @@ Java_com_sun_imageio_plugins_jpeg_JPEGImageReader_readImage (JNIEnv *env, jobject this, + jint imageIndex, jlong ptr, jbyteArray buffer, jint numBands, @@ -2011,6 +2036,7 @@ jpeg_start_decompress(cinfo); if (numBands != cinfo->output_components) { + RELEASE_ARRAYS(env, data, src->next_input_byte); JNU_ThrowByName(env, "javax/imageio/IIOException", "Invalid argument to native readImage"); return data->abortFlag; @@ -2019,6 +2045,7 @@ if (cinfo->output_components <= 0 || cinfo->image_width > (0xffffffffu / (unsigned int)cinfo->output_components)) { + RELEASE_ARRAYS(env, data, src->next_input_byte); JNU_ThrowByName(env, "javax/imageio/IIOException", "Invalid number of output components"); return data->abortFlag; @@ -2042,15 +2069,24 @@ // the first interesting pass. jpeg_start_output(cinfo, cinfo->input_scan_number); if (wantUpdates) { + RELEASE_ARRAYS(env, data, src->next_input_byte); (*env)->CallVoidMethod(env, this, JPEGImageReader_passStartedID, cinfo->input_scan_number-1); + if ((*env)->ExceptionOccurred(env) + || !GET_ARRAYS(env, data, &(src->next_input_byte))) { + cinfo->err->error_exit((j_common_ptr) cinfo); + } } } else if (wantUpdates) { + RELEASE_ARRAYS(env, data, src->next_input_byte); (*env)->CallVoidMethod(env, this, JPEGImageReader_passStartedID, 0); - + if ((*env)->ExceptionOccurred(env) + || !GET_ARRAYS(env, data, &(src->next_input_byte))) { + cinfo->err->error_exit((j_common_ptr) cinfo); + } } // Skip until the first interesting line @@ -2138,8 +2174,13 @@ done = TRUE; } if (wantUpdates) { + RELEASE_ARRAYS(env, data, src->next_input_byte); (*env)->CallVoidMethod(env, this, JPEGImageReader_passCompleteID); + if ((*env)->ExceptionOccurred(env) + || !GET_ARRAYS(env, data, &(src->next_input_byte))) { + cinfo->err->error_exit((j_common_ptr) cinfo); + } } } @@ -2147,12 +2188,23 @@ * We are done, but we might not have read all the lines, or all * the passes, so use jpeg_abort instead of jpeg_finish_decompress. */ - if (cinfo->output_scanline == cinfo->output_height) { - // if ((cinfo->output_scanline == cinfo->output_height) && - //(jpeg_input_complete(cinfo))) { // We read the whole file + if ((cinfo->output_scanline != cinfo->output_height) || + data->abortFlag == JNI_TRUE) + { + jpeg_abort_decompress(cinfo); + } else if ((!jpeg_input_complete(cinfo)) && + (progressive && + (cinfo->input_scan_number > maxProgressivePass))) { + /* We haven't reached EOI, but we need to skip to there */ + (*cinfo->src->term_source) (cinfo); + /* We can use jpeg_abort to release memory and reset global_state */ + jpeg_abort((j_common_ptr) cinfo); + (*env)->CallVoidMethod(env, + this, + JPEGImageReader_skipPastImageID, + imageIndex); + } else { jpeg_finish_decompress(cinfo); - } else { - jpeg_abort_decompress(cinfo); } free(scanLinePtr);
--- a/src/share/native/sun/awt/libpng/CHANGES Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/CHANGES Wed Jul 19 05:41:28 2017 +0100 @@ -1,28 +1,3 @@ -/* - * Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - #if 0 CHANGES - changes for libpng @@ -618,7 +593,7 @@ with trailing compressed parts easier in the future, and added new functions png_free_iCCP, png_free_pCAL, png_free_sPLT, png_free_text, png_get_iCCP, png_get_spalettes, png_set_iCCP, png_set_spalettes (Eric S. Raymond). - NOTE: Applications that write text chunks MUST define png_text->lang + NOTE: Applications that write text chunks MUST define png_text->lang before calling png_set_text(). It must be set to NULL if you want to write tEXt or zTXt chunks. If you want your application to be able to run with older versions of libpng, use @@ -5088,7 +5063,8 @@ Version 1.6.15beta05 [November 5, 2014] Use png_get_libpng_ver(NULL) instead of PNG_LIBPNG_VER_STRING in example.c, pngtest.c, and applications in the contrib directory. - Avoid out-of-bounds memory access in png_user_version_check(). + Fixed an out-of-range read in png_user_version_check() (Bug report from + Qixue Xiao, CVE-2015-8540). Simplified and future-proofed png_user_version_check(). Fixed GCC unsigned int->float warnings. Various versions of GCC seem to generate warnings when an unsigned value is implicitly @@ -5446,7 +5422,7 @@ Version 1.6.20beta02 [November 23, 2015] Fixed incorrect implementation of png_set_PLTE() that uses png_ptr not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 - vulnerability. + vulnerability. Fixes CVE-2015-8472. Version 1.6.20beta03 [November 24, 2015] Backported tests from libpng-1.7.0beta69. @@ -5471,6 +5447,353 @@ Version 1.6.20 [December 3, 2015] No changes. +Version 1.6.21beta01 [December 11, 2015] + Fixed syntax "$(command)" in tests/pngstest that some shells other than + bash could not parse (Bug report by Nelson Beebe). Use `command` instead. + +Version 1.6.21beta02 [December 14, 2015] + Moved png_check_keyword() from pngwutil.c to pngset.c + Removed LE/BE dependencies in pngvalid, to 'fix' the current problem + in the BigEndian tests by not testing it, making the BE code the same + as the LE version. + Fixes to pngvalid for various reduced build configurations (eliminate unused + statics) and a fix for the case in rgb_to_gray when the digitize option + reduces graylo to 0, producing a large error. + +Version 1.6.21beta03 [December 18, 2015] + Widened the 'limit' check on the internally calculated error limits in + the 'DIGITIZE' case (the code used prior to 1.7 for rgb_to_gray error + checks) and changed the check to only operate in non-release builds + (base build type not RC or RELEASE.) + Fixed undefined behavior in pngvalid.c, undefined because + (png_byte) << shift is undefined if it changes the signed bit + (because png_byte is promoted to int). The libpng exported functions + png_get_uint_32 and png_get_uint_16 handle this. (Bug reported by + David Drysdale as a result of reports from UBSAN in clang 3.8). + This changes pngvalid to use BE random numbers; this used to produce + errors but these should not be fixed as a result of the previous changes. + +Version 1.6.21rc01 [January 4, 2016] + In projects/vstudio, combined readme.txt and WARNING into README.txt + +Version 1.6.21rc02 [January 7, 2016] + Relocated assert() in contrib/tools/pngfix.c, bug found by American + Fuzzy Lop, reported by Brian Carpenter. + Marked 'limit' UNUSED in transform_range_check(). This only affects + release builds. + +Version 1.6.21 [January 15, 2016] + Worked around a false-positive Coverity issue in pngvalid.c. + +Version 1.6.22beta01 [January 23, 2016] + Changed PNG_USE_MKSTEMP to __COVERITY__ to select alternate + "tmpfile()" implementation in contrib/libtests/pngstest.c + Fixed NO_STDIO build of pngunknown.c to skip calling png_init_io() + if there is no stdio.h support. + Added a png_image_write_to_memory() API and a number of assist macros + to allow an application that uses the simplified API write to bypass + stdio and write directly to memory. + Added some warnings (png.h) and some check code to detect *possible* + overflow in the ROW_STRIDE and simplified image SIZE macros. This + disallows image width/height/format that *might* overflow. This is + a quiet API change that limits in-memory image size (uncompressed) to + less than 4GByte and image row size (stride) to less than 2GByte. + Revised workaround for false-positive Coverity issue in pngvalid.c. + +Version 1.6.22beta02 [February 8, 2016] + Only use exit(77) in configure builds. + Corrected error in PNG_IMAGE_PNG_SIZE_MAX. This new macro underreported + the palette size because it failed to take into account that the memory + palette has to be expanded to full RGB when it is written to PNG. + Updated CMakeLists.txt, added supporting scripts/gen*.cmake.in + and test.cmake.in (Roger Leigh). + Relaxed limit checks on gamma values in pngrtran.c. As suggested in + the comments gamma values outside the range currently permitted + by png_set_alpha_mode are useful for HDR data encoding. These values + are already permitted by png_set_gamma so it is reasonable caution to + extend the png_set_alpha_mode range as HDR imaging systems are starting + to emerge. + +Version 1.6.22beta03 [March 9, 2016] + Added a common-law trademark notice and export control information + to the LICENSE file, png.h, and the man page. + Restored "& 0xff" in png_save_uint_16() and png_save_uint_32() that + were accidentally removed from libpng-1.6.17. + Changed PNG_INFO_cHNK and PNG_FREE_cHNK from 0xnnnn to 0xnnnnU in png.h + (Robert C. Seacord). + Removed dubious "#if INT_MAX" test from png.h that was added to + libpng-1.6.19beta02 (John Bowler). + Add ${INCLUDES} in scripts/genout.cmake.in (Bug report by Nixon Kwok). + Updated LICENSE to say files in the contrib directory are not + necessarily under the libpng license, and that some makefiles have + other copyright owners. + Added INTEL-SSE2 support (Mike Klein and Matt Sarett, Google, Inc.). + Made contrib/libtests/timepng more robust. The code no longer gives + up/fails on invalid PNG data, it just skips it (with error messages). + The code no longer fails on PNG files with data beyond IEND. Options + exist to use png_read_png (reading the whole image, not by row) and, in + that case, to apply any of the supported transforms. This makes for + more realistic testing; the decoded data actually gets used in a + meaningful fashion (John Bowler). + Fixed some misleading indentation (Krishnaraj Bhat). + +Version 1.6.22beta04 [April 5, 2016] + Force GCC compilation to C89 if needed (Dagobert Michelsen). + SSE filter speed improvements for bpp=3: + memcpy-free implementations of load3() / store3(). + call load3() only when needed at the end of a scanline. + +Version 1.6.22beta05 [April 27, 2016] + Added PNG_FAST_FILTERS macro (defined as + PNG_FILTER_NONE|PNG_FILTER_SUB|PNG_FILTER_UP). + Various fixes for contrib/libtests/timepng.c + Moved INTEL-SSE code from pngpriv.h into contrib/intel/intel_sse.patch. + Fixed typo (missing underscore) in #define PNG_READ_16_TO_8_SUPPORTED + (Bug report by Y.Ohashik). + +Version 1.6.22beta06 [May 5, 2016] + Rebased contrib/intel_sse.patch. + Quieted two Coverity issues in contrib/libtests/timepng.c. + Fixed issues with scripts/genout.cmake.in (David Capello, Nixon Kwok): + Added support to use multiple directories in ZLIBINCDIR variable, + Fixed CMAKE_C_FLAGS with multiple values when genout is compiled on MSVC, + Fixed pnglibconf.c compilation on OS X including the sysroot path. + +Version 1.6.22rc01 [May 14, 2016] + No changes. + +Version 1.6.22rc02 [May 16, 2016] + Removed contrib/timepng from default build; it does not build on platforms + that don't supply clock_gettime(). + +Version 1.6.22rc03 [May 17, 2016] + Restored contrib/timepng to default build but check for the presence + of clock_gettime() in configure.ac and Makefile.am. + +Version 1.6.22 [May 26, 2016] + No changes. + +Version 1.6.23beta01 [May 29, 2016] + Stop a potential memory leak in png_set_tRNS() (Bug report by Ted Ying). + Fixed the progressive reader to handle empty first IDAT chunk properly + (patch by Timothy Nikkel). This bug was introduced in libpng-1.6.0 and + only affected the libpng16 branch. + Added tests in pngvalid.c to check zero-length IDAT chunks in various + positions. Fixed the sequential reader to handle these more robustly + (John Bowler). + +Version 1.6.23rc01 [June 2, 2016] + Corrected progressive read input buffer in pngvalid.c. The previous version + the code invariably passed just one byte at a time to libpng. The intent + was to pass a random number of bytes in the range 0..511. + Moved sse2 prototype from pngpriv.h to contrib/intel/intel_sse.patch. + Added missing ")" in pngerror.c (Matt Sarrett). + +Version 1.6.23rc02 [June 4, 2016] + Fixed undefined behavior in png_push_save_buffer(). Do not call + memcpy() with a null source, even if count is zero (Leon Scroggins III). + +Version 1.6.23 [June 9, 2016] + Fixed bad link to RFC2083 in png.5 (Nikola Forro). + +Version 1.6.24beta01 [June 11, 2016] + Avoid potential overflow of the PNG_IMAGE_SIZE macro. This macro + is not used within libpng, but is used in some of the examples. + +Version 1.6.24beta02 [June 23, 2016] + Correct filter heuristic overflow handling. This was broken when the + write filter code was moved out-of-line; if there is a single filter and + the heuristic sum overflows the calculation of the filtered line is not + completed. In versions prior to 1.6 the code was duplicated in-line + and the check not performed, so the filter operation completed; however, + in the multi-filter case where the sum is performed the 'none' filter would + be selected if all the sums overflowed, even if it wasn't in the filter + list. The fix to the first problem is simply to provide PNG_SIZE_MAX as + the current lmins sum value; this means the sum can never exceed it and + overflows silently. A reasonable compiler that does choose to inline + the code will simply eliminate the sum check. + The fix to the second problem is to use high precision arithmetic (this is + implemented in 1.7), however a simple safe fix here is to chose the lowest + numbered filter in the list from png_set_filter (this only works if the + first problem is also fixed) (John Bowler). + Use a more efficient absolute value calculation on SSE2 (Matthieu Darbois). + Fixed the case where PNG_IMAGE_BUFFER_SIZE can overflow in the application + as a result of the application using an increased 'row_stride'; previously + png_image_finish_read only checked for overflow on the base calculation of + components. (I.e. it checked for overflow of a 32-bit number on the total + number of pixel components in the output format, not the possibly padded row + length and not the number of bytes, which for linear formats is twice the + number of components.) + MSVC does not like '-(unsigned)', so replaced it with 0U-(unsigned) + MSVC does not like (uInt) = -(unsigned) (i.e. as an initializer), unless + the conversion is explicitly invoked by a cast. + Put the SKIP definition in the correct place. It needs to come after the + png.h include (see all the other .c files in contrib/libtests) because it + depends on PNG_LIBPNG_VER. + Removed the three compile warning options from the individual project + files into the zlib.props globals. It increases the warning level from 4 + to All and adds a list of the warnings that need to be turned off. This is + semi-documentary; the intent is to tell libpng users which warnings have + been examined and judged non-fixable at present. The warning about + structure padding is fixable, but it would be a signficant change (moving + structure members around). + +Version 1.6.24beta03 [July 4, 2016] + Optimized absolute value calculation in filter selection, similar to + code in the PAETH decoder in pngrutil.c. Build with PNG_USE_ABS to + use this. + Added pngcp to the build together with a pngcp.dfa configuration test. + Added high resolution timing to pngcp. + Added "Common linking failures" section to INSTALL. + Relocated misplaced #endif in png.c sRGB profile checking. + Fixed two Coverity issues in pngcp.c. + +Version 1.6.24beta04 [July 8, 2016] + Avoid filter-selection heuristic sum calculations in cases where only one + filter is a candidate for selection. This trades off code size (added + private png_setup_*_row_only() functions) for speed. + +Version 1.6.24beta05 [July 13, 2016] + Fixed some indentation to comply with our coding style. + Added contrib/tools/reindent. + +Version 1.6.24beta06 [July 18, 2016] + Fixed more indentation to comply with our coding style. + Eliminated unnecessary tests of boolean png_isaligned() vs 0. + +Version 1.6.24rc01 [July 25, 2016] + No changes. + +Version 1.6.24rc02 [August 1, 2016] + Conditionally compile SSE2 headers in contrib/intel/intel_sse.patch + Conditionally compile png_decompress_chunk(). + +Version 1.6.24rc03 [August 2, 2016] + Conditionally compile ARM_NEON headers in pngpriv.h + Updated contrib/intel/intel_sse.patch + +Version 1.6.24[August 4, 2016] + No changes. + +Version 1.6.25beta01 [August 12, 2016] + Reject oversized iCCP profile immediately. + Cleaned up PNG_DEBUG compile of pngtest.c. + Conditionally compile png_inflate(). + +Version 1.6.25beta02 [August 18, 2016] + Don't install pngcp; it conflicts with pngcp in the pngtools package. + Minor editing of INSTALL, (whitespace, added copyright line) + +Version 1.6.25rc01 [August 24, 2016] + No changes. + +Version 1.6.25rc02 [August 29, 2016] + Added MIPS support (Mandar Sahastrabuddhe <Mandar.Sahastrabuddhe@imgtec.com>). + Only the UP filter is currently implemented. + +Version 1.6.25rc03 [August 29, 2016] + Rebased contrib/intel/intel_sse.patch after the MIPS implementation. + +Version 1.6.25rc04 [August 30, 2016] + Added MIPS support for SUB, AVG, and PAETH filters (Mandar Sahastrabuddhe). + +Version 1.6.25rc05 [August 30, 2016] + Rebased contrib/intel/intel_sse.patch after the MIPS implementation update.. + +Version 1.6.25 [September 1, 2016] + No changes. + +Version 1.6.26beta01 [September 26, 2016] + Fixed handling zero length IDAT in pngfix (bug report by Agostino Sarubbo, + bugfix by John Bowler). + Do not issue a png_error() on read in png_set_pCAL() because png_handle_pCAL + has allocated memory that libpng needs to free. + Conditionally compile png_set_benign_errors() in pngread.c and pngtest.c + Issue a png_benign_error instead of a png_error on ADLER32 mismatch + while decoding compressed data chunks. + Changed PNG_ZLIB_VERNUM to ZLIB_VERNUM in pngpriv.h, pngstruct.h, and + pngrutil.c. + If CRC handling of critical chunks has been set to PNG_CRC_QUIET_USE, + ignore the ADLER32 checksum in the IDAT chunk as well as the chunk CRCs. + Issue png_benign_error() on ADLER32 checksum mismatch instead of png_error(). + Add tests/badcrc.png and tests/badadler.png to tests/pngtest. + Merged pngtest.c with libpng-1.7.0beta84/pngtest.c + +Version 1.6.26beta02 [October 1, 2016] + Updated the documentation about CRC and ADLER32 handling. + Quieted 117 warnings from clang-3.8 in pngtrans.c, pngread.c, + pngwrite.c, pngunknown.c, and pngvalid.c. + Quieted 58 (out of 144) -Wconversion compiler warnings by changing + flag definitions in pngpriv.h from 0xnnnn to 0xnnnnU and trivial changes + in png.c, pngread.c, and pngwutil.c. + +Version 1.6.26beta03 [October 2, 2016] + Removed contrib/libtests/*.orig and *.rej that slipped into the tarballs. + Quieted the 86 remaining -Wconversion compiler warnings by + revising the png_isaligned() macro and trivial changes in png.c, + pngerror.c, pngget.c, pngmem.c, pngset.c, pngrtran.c, pngrutil.c, + pngwtran.c, pngwrite.c, and pngwutil.c. + +Version 1.6.26beta04 [October 3, 2016] + Quieted (bogus?) clang warnings about "absolute value has no effect" + when PNG_USE_ABS is defined. + Fixed offsets in contrib/intel/intel_sse.patch + +Version 1.6.26beta05 [October 6, 2016] + Changed integer constant 4294967294 to unsigned 4294967294U in pngconf.h + to avoid a signed/unsigned compare in the preprocessor. + +Version 1.6.26beta06 [October 7, 2016] + Use zlib-1.2.8.1 inflateValidate() instead of inflateReset2() to + optionally avoid ADLER32 evaluation. + +Version 1.6.26rc01 [October 12, 2016] + No changes. + +Version 1.6.26 [October 20, 2016] + Cosmetic change, "ptr != 0" to "ptr != NULL" in png.c and pngrutil.c + Despammed email addresses (replaced "@" with " at "). + +Version 1.6.27beta01 [November 2, 2016] + Restrict the new ADLER32-skipping to IDAT chunks. It broke iCCP chunk + handling: an erroneous iCCP chunk would throw a png_error and reject the + entire PNG image instead of rejecting just the iCCP chunk with a warning, + if built with zlib-1.2.8.1. + +Version 1.6.27rc01 [December 27, 2016] + Control ADLER32 checking with new PNG_IGNORE_ADLER32 option. + Removed the use of a macro containing the pre-processor 'defined' + operator. It is unclear whether this is valid; a macro that + "generates" 'defined' is not permitted, but the use of the word + "generates" within the C90 standard seems to imply more than simple + substitution of an expression itself containing a well-formed defined + operation. + Added ARM support to CMakeLists.txt (Andreas Franek). + +Version 1.6.27 [December 29, 2016] + Fixed a potential null pointer dereference in png_set_text_2() (bug report + and patch by Patrick Keshishian, CVE-2016-10087). + +Version 1.6.28rc01 [January 3, 2017] + Fixed arm/aarch64 detection in CMakeLists.txt (Gianfranco Costamagna). + Added option to Cmake build allowing a custom location of zlib to be + specified in a scenario where libpng is being built as a subproject + alongside zlib by another project (Sam Serrels). + Changed png_ptr->options from a png_byte to png_uint_32, to accomodate + up to 16 options. + +Version 1.6.28rc02 [January 4, 2017] + Added "include(GNUInstallDirs)" to CMakeLists.txt (Gianfranco Costamagna). + Moved SSE2 optimization code into the main libpng source directory. + Configure libpng with "configure --enable-intel-sse" or compile + libpng with "-DPNG_INTEL_SSE" in CPPFLAGS to enable it. + +Version 1.6.28rc03 [January 4, 2017] + Backed out the SSE optimization and last CMakeLists.txt to allow time for QA. + +Version 1.6.28 [January 5, 2017] + No changes. + Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit https://lists.sourceforge.net/lists/listinfo/png-mng-implement
--- a/src/share/native/sun/awt/libpng/LICENSE Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/LICENSE Wed Jul 19 05:41:28 2017 +0100 @@ -10,8 +10,8 @@ This code is released under the libpng license. -libpng versions 1.0.7, July 1, 2000, through 1.6.20, December 3, 2015, are -Copyright (c) 2000-2002, 2004, 2006-2015 Glenn Randers-Pehrson, are +libpng versions 1.0.7, July 1, 2000 through 1.6.28, January 5, 2017 are +Copyright (c) 2000-2002, 2004, 2006-2017 Glenn Randers-Pehrson, are derived from libpng-1.0.6, and are distributed according to the same disclaimer and license as libpng-1.0.6 with the following individuals added to the list of Contributing Authors: @@ -22,6 +22,7 @@ Cosmin Truta Gilles Vollant James Yu + Mandar Sahastrabuddhe and with the following additions to the disclaimer: @@ -32,6 +33,10 @@ risk of satisfactory quality, performance, accuracy, and effort is with the user. +Some files in the "contrib" directory and some configure-generated +files that are distributed with libpng have other copyright owners and +are released under other open source licenses. + libpng versions 0.97, January 1998, through 1.0.6, March 20, 2000, are Copyright (c) 1998-2000 Glenn Randers-Pehrson, are derived from libpng-0.96, and are distributed according to the same disclaimer and @@ -55,6 +60,9 @@ Greg Roelofs Tom Tanner +Some files in the "scripts" directory have other copyright owners +but are released under this license. + libpng versions 0.5, May 1995, through 0.88, January 1996, are Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. @@ -95,18 +103,29 @@ END OF COPYRIGHT NOTICE, DISCLAIMER, and LICENSE. -A "png_get_copyright" function is available, for convenient use in "about" -boxes and the like: +TRADEMARK: - printf("%s", png_get_copyright(NULL)); +The name "libpng" has not been registered by the Copyright owner +as a trademark in any jurisdiction. However, because libpng has +been distributed and maintained world-wide, continually since 1995, +the Copyright owner claims "common-law trademark protection" in any +jurisdiction where common-law trademark is recognized. -Also, the PNG logo (in PNG format, of course) is supplied in the -files "pngbar.png" and "pngbar.jpg (88x31) and "pngnow.png" (98x31). +OSI CERTIFICATION: Libpng is OSI Certified Open Source Software. OSI Certified Open Source is a certification mark of the Open Source Initiative. OSI has not addressed the additional disclaimers inserted at version 1.0.7. +EXPORT CONTROL: + +The Copyright owner believes that the Export Control Classification +Number (ECCN) for libpng is EAR99, which means not subject to export +controls or International Traffic in Arms Regulations (ITAR) because +it is open source, publicly available software, that does not contain +any encryption software. See the EAR, paragraphs 734.3(b)(3) and +734.7(b). + Glenn Randers-Pehrson glennrp at users.sourceforge.net -December 3, 2015 +January 5, 2017
--- a/src/share/native/sun/awt/libpng/README Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/README Wed Jul 19 05:41:28 2017 +0100 @@ -1,4 +1,4 @@ -README for libpng version 1.6.20 - December 3, 2015 (shared library 16.0) +README for libpng version 1.6.28 - January 5, 2017 (shared library 16.0) See the note about version numbers near the top of png.h See INSTALL for instructions on how to install libpng. @@ -180,15 +180,18 @@ pngwutil.c => Write utility functions arm => Contains optimized code for the ARM platform contrib => Contributions + arm-neon => Optimized code for ARM-NEON platform examples => Example programs gregbook => source code for PNG reading and writing, from Greg Roelofs' "PNG: The Definitive Guide", O'Reilly, 1999 + intel => Optimized code for INTEL-SSE2 platform libtests => Test programs pngminim => Minimal decoder, encoder, and progressive decoder programs demonstrating use of pngusr.dfa pngminus => Simple pnm2png and png2pnm programs pngsuite => Test images + testpngs tools => Various tools visupng => Contains a MSVC workspace for VisualPng projects => Contains project files and workspaces for
--- a/src/share/native/sun/awt/libpng/png.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/png.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.19 [November 12, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.28 [January 5, 2017] + * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -42,7 +42,7 @@ #include "pngpriv.h" /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_20 Your_png_h_is_not_version_1_6_20; +typedef png_libpng_version_1_6_28 Your_png_h_is_not_version_1_6_28; /* Tells libpng that we have already handled the first "num_bytes" bytes * of the PNG file signature. If the PNG data is embedded into another @@ -113,7 +113,7 @@ if (items >= (~(png_alloc_size_t)0)/size) { png_warning (png_voidcast(png_structrp, png_ptr), - "Potential overflow in png_zalloc()"); + "Potential overflow in png_zalloc()"); return NULL; } @@ -200,10 +200,10 @@ int png_user_version_check(png_structrp png_ptr, png_const_charp user_png_ver) { - /* Libpng versions 1.0.0 and later are binary compatible if the version - * string matches through the second '.'; we must recompile any - * applications that use any older library version. - */ + /* Libpng versions 1.0.0 and later are binary compatible if the version + * string matches through the second '.'; we must recompile any + * applications that use any older library version. + */ if (user_png_ver != NULL) { @@ -325,7 +325,7 @@ if (png_user_version_check(&create_struct, user_png_ver) != 0) { png_structrp png_ptr = png_voidcast(png_structrp, - png_malloc_warn(&create_struct, (sizeof *png_ptr))); + png_malloc_warn(&create_struct, (sizeof *png_ptr))); if (png_ptr != NULL) { @@ -374,7 +374,7 @@ * has always been done in 'example.c'. */ info_ptr = png_voidcast(png_inforp, png_malloc_base(png_ptr, - (sizeof *info_ptr))); + (sizeof *info_ptr))); if (info_ptr != NULL) memset(info_ptr, 0, (sizeof *info_ptr)); @@ -430,7 +430,7 @@ */ PNG_FUNCTION(void,PNGAPI png_info_init_3,(png_infopp ptr_ptr, png_size_t png_info_struct_size), - PNG_DEPRECATED) + PNG_DEPRECATED) { png_inforp info_ptr = *ptr_ptr; @@ -445,7 +445,7 @@ /* The following line is why this API should not be used: */ free(info_ptr); info_ptr = png_voidcast(png_inforp, png_malloc_base(NULL, - (sizeof *info_ptr))); + (sizeof *info_ptr))); if (info_ptr == NULL) return; *ptr_ptr = info_ptr; @@ -458,7 +458,7 @@ /* The following API is not called internally */ void PNGAPI png_data_freer(png_const_structrp png_ptr, png_inforp info_ptr, - int freer, png_uint_32 mask) + int freer, png_uint_32 mask) { png_debug(1, "in png_data_freer"); @@ -477,7 +477,7 @@ void PNGAPI png_free_data(png_const_structrp png_ptr, png_inforp info_ptr, png_uint_32 mask, - int num) + int num) { png_debug(1, "in png_free_data"); @@ -486,7 +486,7 @@ #ifdef PNG_TEXT_SUPPORTED /* Free text item num or (if num == -1) all text items */ - if (info_ptr->text != 0 && + if (info_ptr->text != NULL && ((mask & PNG_FREE_TEXT) & info_ptr->free_me) != 0) { if (num != -1) @@ -505,6 +505,7 @@ png_free(png_ptr, info_ptr->text); info_ptr->text = NULL; info_ptr->num_text = 0; + info_ptr->max_text = 0; } } #endif @@ -569,7 +570,7 @@ #ifdef PNG_sPLT_SUPPORTED /* Free a given sPLT entry, or (if num == -1) all sPLT entries */ - if (info_ptr->splt_palettes != 0 && + if (info_ptr->splt_palettes != NULL && ((mask & PNG_FREE_SPLT) & info_ptr->free_me) != 0) { if (num != -1) @@ -599,7 +600,7 @@ #endif #ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED - if (info_ptr->unknown_chunks != 0 && + if (info_ptr->unknown_chunks != NULL && ((mask & PNG_FREE_UNKN) & info_ptr->free_me) != 0) { if (num != -1) @@ -645,7 +646,7 @@ /* Free any image bits attached to the info structure */ if (((mask & PNG_FREE_ROWS) & info_ptr->free_me) != 0) { - if (info_ptr->row_pointers != 0) + if (info_ptr->row_pointers != NULL) { png_uint_32 row; for (row = 0; row < info_ptr->height; row++) @@ -712,7 +713,7 @@ void PNGAPI png_save_int_32(png_bytep buf, png_int_32 i) { - png_save_uint_32(buf, i); + png_save_uint_32(buf, (png_uint_32)i); } # endif @@ -803,14 +804,15 @@ #else # ifdef __STDC__ return PNG_STRING_NEWLINE \ - "libpng version 1.6.20 - December 3, 2015" PNG_STRING_NEWLINE \ - "Copyright (c) 1998-2015 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \ + "libpng version 1.6.28 - January 5, 2017" PNG_STRING_NEWLINE \ + "Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson" \ + PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ PNG_STRING_NEWLINE; # else - return "libpng version 1.6.20 - December 3, 2015\ - Copyright (c) 1998-2015 Glenn Randers-Pehrson\ + return "libpng version 1.6.28 - January 5, 2017\ + Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson\ Copyright (c) 1996-1997 Andreas Dilger\ Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; # endif @@ -1060,7 +1062,7 @@ #ifdef PNG_GAMMA_SUPPORTED /* always set if COLORSPACE */ static int png_colorspace_check_gamma(png_const_structrp png_ptr, - png_colorspacerp colorspace, png_fixed_point gAMA, int from) + png_colorspacerp colorspace, png_fixed_point gAMA, int from) /* This is called to check a new gamma value against an existing one. The * routine returns false if the new gamma value should not be written. * @@ -1074,7 +1076,7 @@ png_fixed_point gtest; if ((colorspace->flags & PNG_COLORSPACE_HAVE_GAMMA) != 0 && - (png_muldiv(>est, colorspace->gamma, PNG_FP_1, gAMA) == 0 || + (png_muldiv(>est, colorspace->gamma, PNG_FP_1, gAMA) == 0 || png_gamma_significant(gtest) != 0)) { /* Either this is an sRGB image, in which case the calculated gamma @@ -1086,7 +1088,7 @@ if ((colorspace->flags & PNG_COLORSPACE_FROM_sRGB) != 0 || from == 2) { png_chunk_report(png_ptr, "gamma value does not match sRGB", - PNG_CHUNK_ERROR); + PNG_CHUNK_ERROR); /* Do not overwrite an sRGB value */ return from == 2; } @@ -1094,7 +1096,7 @@ else /* sRGB tag not involved */ { png_chunk_report(png_ptr, "gamma value does not match libpng estimate", - PNG_CHUNK_WARNING); + PNG_CHUNK_WARNING); return from == 1; } } @@ -1104,7 +1106,7 @@ void /* PRIVATE */ png_colorspace_set_gamma(png_const_structrp png_ptr, - png_colorspacerp colorspace, png_fixed_point gAMA) + png_colorspacerp colorspace, png_fixed_point gAMA) { /* Changed in libpng-1.5.4 to limit the values to ensure overflow can't * occur. Since the fixed point representation is asymetrical it is @@ -1662,8 +1664,8 @@ static int png_colorspace_set_xy_and_XYZ(png_const_structrp png_ptr, - png_colorspacerp colorspace, const png_xy *xy, const png_XYZ *XYZ, - int preferred) + png_colorspacerp colorspace, const png_xy *xy, const png_XYZ *XYZ, + int preferred) { if ((colorspace->flags & PNG_COLORSPACE_INVALID) != 0) return 0; @@ -1710,7 +1712,7 @@ int /* PRIVATE */ png_colorspace_set_chromaticities(png_const_structrp png_ptr, - png_colorspacerp colorspace, const png_xy *xy, int preferred) + png_colorspacerp colorspace, const png_xy *xy, int preferred) { /* We must check the end points to ensure they are reasonable - in the past * color management systems have crashed as a result of getting bogus @@ -1724,7 +1726,7 @@ { case 0: /* success */ return png_colorspace_set_xy_and_XYZ(png_ptr, colorspace, xy, &XYZ, - preferred); + preferred); case 1: /* We can't invert the chromaticities so we can't produce value XYZ @@ -1747,7 +1749,7 @@ int /* PRIVATE */ png_colorspace_set_endpoints(png_const_structrp png_ptr, - png_colorspacerp colorspace, const png_XYZ *XYZ_in, int preferred) + png_colorspacerp colorspace, const png_XYZ *XYZ_in, int preferred) { png_XYZ XYZ = *XYZ_in; png_xy xy; @@ -1756,7 +1758,7 @@ { case 0: return png_colorspace_set_xy_and_XYZ(png_ptr, colorspace, &xy, &XYZ, - preferred); + preferred); case 1: /* End points are invalid. */ @@ -1813,7 +1815,7 @@ static int png_icc_profile_error(png_const_structrp png_ptr, png_colorspacerp colorspace, - png_const_charp name, png_alloc_size_t value, png_const_charp reason) + png_const_charp name, png_alloc_size_t value, png_const_charp reason) { size_t pos; char message[196]; /* see below for calculation */ @@ -1838,8 +1840,8 @@ char number[PNG_NUMBER_BUFFER_SIZE]; /* +24 = 114*/ pos = png_safecat(message, (sizeof message), pos, - png_format_number(number, number+(sizeof number), - PNG_NUMBER_FORMAT_x, value)); + png_format_number(number, number+(sizeof number), + PNG_NUMBER_FORMAT_x, value)); pos = png_safecat(message, (sizeof message), pos, "h: "); /*+2 = 116*/ } # endif @@ -1853,7 +1855,7 @@ * application errors the PNG won't be written.) */ png_chunk_report(png_ptr, message, - (colorspace != NULL) ? PNG_CHUNK_ERROR : PNG_CHUNK_WRITE_ERROR); + (colorspace != NULL) ? PNG_CHUNK_ERROR : PNG_CHUNK_WRITE_ERROR); return 0; } @@ -1862,7 +1864,7 @@ #ifdef PNG_sRGB_SUPPORTED int /* PRIVATE */ png_colorspace_set_sRGB(png_const_structrp png_ptr, png_colorspacerp colorspace, - int intent) + int intent) { /* sRGB sets known gamma, end points and (from the chunk) intent. */ /* IMPORTANT: these are not necessarily the values found in an ICC profile @@ -1899,10 +1901,10 @@ */ if (intent < 0 || intent >= PNG_sRGB_INTENT_LAST) return png_icc_profile_error(png_ptr, colorspace, "sRGB", - (unsigned)intent, "invalid sRGB rendering intent"); + (unsigned)intent, "invalid sRGB rendering intent"); if ((colorspace->flags & PNG_COLORSPACE_HAVE_INTENT) != 0 && - colorspace->rendering_intent != intent) + colorspace->rendering_intent != intent) return png_icc_profile_error(png_ptr, colorspace, "sRGB", (unsigned)intent, "inconsistent rendering intents"); @@ -1916,8 +1918,8 @@ * warn but overwrite the value with the correct one. */ if ((colorspace->flags & PNG_COLORSPACE_HAVE_ENDPOINTS) != 0 && - !png_colorspace_endpoints_match(&sRGB_xy, &colorspace->end_points_xy, - 100)) + !png_colorspace_endpoints_match(&sRGB_xy, &colorspace->end_points_xy, + 100)) png_chunk_report(png_ptr, "cHRM chunk does not match sRGB", PNG_CHUNK_ERROR); @@ -1925,7 +1927,7 @@ * returns true when the 'from' argument corresponds to sRGB (2). */ (void)png_colorspace_check_gamma(png_ptr, colorspace, PNG_GAMMA_sRGB_INVERSE, - 2/*from sRGB*/); + 2/*from sRGB*/); /* intent: bugs in GCC force 'int' to be used as the parameter type. */ colorspace->rendering_intent = (png_uint_16)intent; @@ -1958,21 +1960,55 @@ static const png_byte D50_nCIEXYZ[12] = { 0x00, 0x00, 0xf6, 0xd6, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0xd3, 0x2d }; -int /* PRIVATE */ -png_icc_check_length(png_const_structrp png_ptr, png_colorspacerp colorspace, - png_const_charp name, png_uint_32 profile_length) +static int /* bool */ +icc_check_length(png_const_structrp png_ptr, png_colorspacerp colorspace, + png_const_charp name, png_uint_32 profile_length) { if (profile_length < 132) return png_icc_profile_error(png_ptr, colorspace, name, profile_length, - "too short"); + "too short"); return 1; } +#ifdef PNG_READ_iCCP_SUPPORTED +int /* PRIVATE */ +png_icc_check_length(png_const_structrp png_ptr, png_colorspacerp colorspace, + png_const_charp name, png_uint_32 profile_length) +{ + if (!icc_check_length(png_ptr, colorspace, name, profile_length)) + return 0; + + /* This needs to be here because the 'normal' check is in + * png_decompress_chunk, yet this happens after the attempt to + * png_malloc_base the required data. We only need this on read; on write + * the caller supplies the profile buffer so libpng doesn't allocate it. See + * the call to icc_check_length below (the write case). + */ +# ifdef PNG_SET_USER_LIMITS_SUPPORTED + else if (png_ptr->user_chunk_malloc_max > 0 && + png_ptr->user_chunk_malloc_max < profile_length) + return png_icc_profile_error(png_ptr, colorspace, name, profile_length, + "exceeds application limits"); +# elif PNG_USER_CHUNK_MALLOC_MAX > 0 + else if (PNG_USER_CHUNK_MALLOC_MAX < profile_length) + return png_icc_profile_error(png_ptr, colorspace, name, profile_length, + "exceeds libpng limits"); +# else /* !SET_USER_LIMITS */ + /* This will get compiled out on all 32-bit and better systems. */ + else if (PNG_SIZE_MAX < profile_length) + return png_icc_profile_error(png_ptr, colorspace, name, profile_length, + "exceeds system limits"); +# endif /* !SET_USER_LIMITS */ + + return 1; +} +#endif /* READ_iCCP */ + int /* PRIVATE */ png_icc_check_header(png_const_structrp png_ptr, png_colorspacerp colorspace, - png_const_charp name, png_uint_32 profile_length, - png_const_bytep profile/* first 132 bytes only */, int color_type) + png_const_charp name, png_uint_32 profile_length, + png_const_bytep profile/* first 132 bytes only */, int color_type) { png_uint_32 temp; @@ -1984,18 +2020,18 @@ temp = png_get_uint_32(profile); if (temp != profile_length) return png_icc_profile_error(png_ptr, colorspace, name, temp, - "length does not match profile"); + "length does not match profile"); temp = (png_uint_32) (*(profile+8)); if (temp > 3 && (profile_length & 3)) return png_icc_profile_error(png_ptr, colorspace, name, profile_length, - "invalid length"); + "invalid length"); temp = png_get_uint_32(profile+128); /* tag count: 12 bytes/tag */ if (temp > 357913930 || /* (2^32-4-132)/12: maximum possible tag count */ profile_length < 132+12*temp) /* truncated tag table */ return png_icc_profile_error(png_ptr, colorspace, name, temp, - "tag count too large"); + "tag count too large"); /* The 'intent' must be valid or we can't store it, ICC limits the intent to * 16 bits. @@ -2003,14 +2039,14 @@ temp = png_get_uint_32(profile+64); if (temp >= 0xffff) /* The ICC limit */ return png_icc_profile_error(png_ptr, colorspace, name, temp, - "invalid rendering intent"); + "invalid rendering intent"); /* This is just a warning because the profile may be valid in future * versions. */ if (temp >= PNG_sRGB_INTENT_LAST) (void)png_icc_profile_error(png_ptr, NULL, name, temp, - "intent outside defined range"); + "intent outside defined range"); /* At this point the tag table can't be checked because it hasn't necessarily * been loaded; however, various header fields can be checked. These checks @@ -2027,7 +2063,7 @@ temp = png_get_uint_32(profile+36); /* signature 'ascp' */ if (temp != 0x61637370) return png_icc_profile_error(png_ptr, colorspace, name, temp, - "invalid signature"); + "invalid signature"); /* Currently the PCS illuminant/adopted white point (the computational * white point) are required to be D50, @@ -2038,7 +2074,7 @@ */ if (memcmp(profile+68, D50_nCIEXYZ, 12) != 0) (void)png_icc_profile_error(png_ptr, NULL, name, 0/*no tag value*/, - "PCS illuminant is not D50"); + "PCS illuminant is not D50"); /* The PNG spec requires this: * "If the iCCP chunk is present, the image samples conform to the colour @@ -2066,18 +2102,18 @@ case 0x52474220: /* 'RGB ' */ if ((color_type & PNG_COLOR_MASK_COLOR) == 0) return png_icc_profile_error(png_ptr, colorspace, name, temp, - "RGB color space not permitted on grayscale PNG"); + "RGB color space not permitted on grayscale PNG"); break; case 0x47524159: /* 'GRAY' */ if ((color_type & PNG_COLOR_MASK_COLOR) != 0) return png_icc_profile_error(png_ptr, colorspace, name, temp, - "Gray color space not permitted on RGB PNG"); + "Gray color space not permitted on RGB PNG"); break; default: return png_icc_profile_error(png_ptr, colorspace, name, temp, - "invalid ICC profile color space"); + "invalid ICC profile color space"); } /* It is up to the application to check that the profile class matches the @@ -2102,7 +2138,7 @@ case 0x61627374: /* 'abst' */ /* May not be embedded in an image */ return png_icc_profile_error(png_ptr, colorspace, name, temp, - "invalid embedded Abstract ICC profile"); + "invalid embedded Abstract ICC profile"); case 0x6c696e6b: /* 'link' */ /* DeviceLink profiles cannot be interpreted in a non-device specific @@ -2112,7 +2148,7 @@ * PNG. */ return png_icc_profile_error(png_ptr, colorspace, name, temp, - "unexpected DeviceLink ICC profile class"); + "unexpected DeviceLink ICC profile class"); case 0x6e6d636c: /* 'nmcl' */ /* A NamedColor profile is also device specific, however it doesn't @@ -2120,7 +2156,7 @@ * certainly it will fail the tests below. */ (void)png_icc_profile_error(png_ptr, NULL, name, temp, - "unexpected NamedColor ICC profile class"); + "unexpected NamedColor ICC profile class"); break; default: @@ -2130,7 +2166,7 @@ * understood profiles. */ (void)png_icc_profile_error(png_ptr, NULL, name, temp, - "unrecognized ICC profile class"); + "unrecognized ICC profile class"); break; } @@ -2146,7 +2182,7 @@ default: return png_icc_profile_error(png_ptr, colorspace, name, temp, - "unexpected ICC PCS encoding"); + "unexpected ICC PCS encoding"); } return 1; @@ -2154,8 +2190,8 @@ int /* PRIVATE */ png_icc_check_tag_table(png_const_structrp png_ptr, png_colorspacerp colorspace, - png_const_charp name, png_uint_32 profile_length, - png_const_bytep profile /* header plus whole tag table */) + png_const_charp name, png_uint_32 profile_length, + png_const_bytep profile /* header plus whole tag table */) { png_uint_32 tag_count = png_get_uint_32(profile+128); png_uint_32 itag; @@ -2183,7 +2219,7 @@ * alignment. */ (void)png_icc_profile_error(png_ptr, NULL, name, tag_id, - "ICC profile tag start not a multiple of 4"); + "ICC profile tag start not a multiple of 4"); } /* This is a hard error; potentially it can cause read outside the @@ -2191,7 +2227,7 @@ */ if (tag_start > profile_length || tag_length > profile_length - tag_start) return png_icc_profile_error(png_ptr, colorspace, name, tag_id, - "ICC profile tag outside profile"); + "ICC profile tag outside profile"); } return 1; /* success, maybe with warnings */ @@ -2219,22 +2255,22 @@ */ /* adler32, crc32, MD5[4], intent, date, length, file-name */ PNG_ICC_CHECKSUM(0x0a3fd9f6, 0x3b8772b9, - PNG_MD5(0x29f83dde, 0xaff255ae, 0x7842fae4, 0xca83390d), 0, 0, - "2009/03/27 21:36:31", 3048, "sRGB_IEC61966-2-1_black_scaled.icc") + PNG_MD5(0x29f83dde, 0xaff255ae, 0x7842fae4, 0xca83390d), 0, 0, + "2009/03/27 21:36:31", 3048, "sRGB_IEC61966-2-1_black_scaled.icc") /* ICC sRGB v2 perceptual no black-compensation: */ PNG_ICC_CHECKSUM(0x4909e5e1, 0x427ebb21, - PNG_MD5(0xc95bd637, 0xe95d8a3b, 0x0df38f99, 0xc1320389), 1, 0, - "2009/03/27 21:37:45", 3052, "sRGB_IEC61966-2-1_no_black_scaling.icc") + PNG_MD5(0xc95bd637, 0xe95d8a3b, 0x0df38f99, 0xc1320389), 1, 0, + "2009/03/27 21:37:45", 3052, "sRGB_IEC61966-2-1_no_black_scaling.icc") PNG_ICC_CHECKSUM(0xfd2144a1, 0x306fd8ae, - PNG_MD5(0xfc663378, 0x37e2886b, 0xfd72e983, 0x8228f1b8), 0, 0, - "2009/08/10 17:28:01", 60988, "sRGB_v4_ICC_preference_displayclass.icc") + PNG_MD5(0xfc663378, 0x37e2886b, 0xfd72e983, 0x8228f1b8), 0, 0, + "2009/08/10 17:28:01", 60988, "sRGB_v4_ICC_preference_displayclass.icc") /* ICC sRGB v4 perceptual */ PNG_ICC_CHECKSUM(0x209c35d2, 0xbbef7812, - PNG_MD5(0x34562abf, 0x994ccd06, 0x6d2c5721, 0xd0d68c5d), 0, 0, - "2007/07/25 00:05:37", 60960, "sRGB_v4_ICC_preference.icc") + PNG_MD5(0x34562abf, 0x994ccd06, 0x6d2c5721, 0xd0d68c5d), 0, 0, + "2007/07/25 00:05:37", 60960, "sRGB_v4_ICC_preference.icc") /* The following profiles have no known MD5 checksum. If there is a match * on the (empty) MD5 the other fields are used to attempt a match and @@ -2242,8 +2278,8 @@ * which suggests that they were also made by Hewlett Packard. */ PNG_ICC_CHECKSUM(0xa054d762, 0x5d5129ce, - PNG_MD5(0x00000000, 0x00000000, 0x00000000, 0x00000000), 1, 0, - "2004/07/21 18:57:42", 3024, "sRGB_IEC61966-2-1_noBPC.icc") + PNG_MD5(0x00000000, 0x00000000, 0x00000000, 0x00000000), 1, 0, + "2004/07/21 18:57:42", 3024, "sRGB_IEC61966-2-1_noBPC.icc") /* This is a 'mntr' (display) profile with a mediaWhitePointTag that does not * match the D50 PCS illuminant in the header (it is in fact the D65 values, @@ -2253,17 +2289,17 @@ * chromaticAdaptationTag. */ PNG_ICC_CHECKSUM(0xf784f3fb, 0x182ea552, - PNG_MD5(0x00000000, 0x00000000, 0x00000000, 0x00000000), 0, 1/*broken*/, - "1998/02/09 06:49:00", 3144, "HP-Microsoft sRGB v2 perceptual") + PNG_MD5(0x00000000, 0x00000000, 0x00000000, 0x00000000), 0, 1/*broken*/, + "1998/02/09 06:49:00", 3144, "HP-Microsoft sRGB v2 perceptual") PNG_ICC_CHECKSUM(0x0398f3fc, 0xf29e526d, - PNG_MD5(0x00000000, 0x00000000, 0x00000000, 0x00000000), 1, 1/*broken*/, - "1998/02/09 06:49:00", 3144, "HP-Microsoft sRGB v2 media-relative") + PNG_MD5(0x00000000, 0x00000000, 0x00000000, 0x00000000), 1, 1/*broken*/, + "1998/02/09 06:49:00", 3144, "HP-Microsoft sRGB v2 media-relative") }; static int png_compare_ICC_profile_with_sRGB(png_const_structrp png_ptr, - png_const_bytep profile, uLong adler) + png_const_bytep profile, uLong adler) { /* The quick check is to verify just the MD5 signature and trust the * rest of the data. Because the profile has already been verified for @@ -2347,7 +2383,7 @@ * which is made irrelevant by this error. */ png_chunk_report(png_ptr, "known incorrect sRGB profile", - PNG_CHUNK_ERROR); + PNG_CHUNK_ERROR); } /* Warn that this being done; this isn't even an error since @@ -2357,8 +2393,8 @@ else if (png_sRGB_checks[i].have_md5 == 0) { png_chunk_report(png_ptr, - "out-of-date sRGB profile with no signature", - PNG_CHUNK_WARNING); + "out-of-date sRGB profile with no signature", + PNG_CHUNK_WARNING); } return 1+png_sRGB_checks[i].is_broken; @@ -2381,38 +2417,36 @@ return 0; /* no match */ } -#endif /* PNG_sRGB_PROFILE_CHECKS >= 0 */ void /* PRIVATE */ png_icc_set_sRGB(png_const_structrp png_ptr, - png_colorspacerp colorspace, png_const_bytep profile, uLong adler) + png_colorspacerp colorspace, png_const_bytep profile, uLong adler) { /* Is this profile one of the known ICC sRGB profiles? If it is, just set * the sRGB information. */ -#if PNG_sRGB_PROFILE_CHECKS >= 0 if (png_compare_ICC_profile_with_sRGB(png_ptr, profile, adler) != 0) -#endif (void)png_colorspace_set_sRGB(png_ptr, colorspace, (int)/*already checked*/png_get_uint_32(profile+64)); } +#endif /* PNG_sRGB_PROFILE_CHECKS >= 0 */ #endif /* sRGB */ int /* PRIVATE */ png_colorspace_set_ICC(png_const_structrp png_ptr, png_colorspacerp colorspace, - png_const_charp name, png_uint_32 profile_length, png_const_bytep profile, - int color_type) + png_const_charp name, png_uint_32 profile_length, png_const_bytep profile, + int color_type) { if ((colorspace->flags & PNG_COLORSPACE_INVALID) != 0) return 0; - if (png_icc_check_length(png_ptr, colorspace, name, profile_length) != 0 && + if (icc_check_length(png_ptr, colorspace, name, profile_length) != 0 && png_icc_check_header(png_ptr, colorspace, name, profile_length, profile, - color_type) != 0 && + color_type) != 0 && png_icc_check_tag_table(png_ptr, colorspace, name, profile_length, - profile) != 0) + profile) != 0) { -# ifdef PNG_sRGB_SUPPORTED +# if defined(PNG_sRGB_SUPPORTED) && PNG_sRGB_PROFILE_CHECKS >= 0 /* If no sRGB support, don't try storing sRGB information */ png_icc_set_sRGB(png_ptr, colorspace, profile, 0); # endif @@ -2471,7 +2505,7 @@ /* Check for an internal error. */ if (r+g+b != 32768) png_error(png_ptr, - "internal error handling cHRM coefficients"); + "internal error handling cHRM coefficients"); else { @@ -2497,7 +2531,7 @@ static int /* PRIVATE */ png_gt(size_t a, size_t b) { - return a > b; + return a > b; } #else # define png_gt(a,b) ((a) > (b)) @@ -2505,9 +2539,9 @@ void /* PRIVATE */ png_check_IHDR(png_const_structrp png_ptr, - png_uint_32 width, png_uint_32 height, int bit_depth, - int color_type, int interlace_type, int compression_type, - int filter_type) + png_uint_32 width, png_uint_32 height, int bit_depth, + int color_type, int interlace_type, int compression_type, + int filter_type) { int error = 0; @@ -2524,7 +2558,7 @@ error = 1; } - if (png_gt(((width + 7) & (~7)), + if (png_gt(((width + 7) & (~7U)), ((PNG_SIZE_MAX - 48 /* big_row_buf hack */ - 1) /* filter byte */ @@ -2670,7 +2704,7 @@ int /* PRIVATE */ png_check_fp_number(png_const_charp string, png_size_t size, int *statep, - png_size_tp whereami) + png_size_tp whereami) { int state = *statep; png_size_t i = *whereami; @@ -2935,7 +2969,7 @@ */ if (exp_b10 < 0 && exp_b10 > -3) /* PLUS 3 TOTAL 4 */ { - czero = -exp_b10; /* PLUS 2 digits: TOTAL 3 */ + czero = (unsigned int)(-exp_b10); /* PLUS 2 digits: TOTAL 3 */ exp_b10 = 0; /* Dot added below before first output. */ } else @@ -3113,11 +3147,11 @@ if (exp_b10 < 0) { *ascii++ = 45, --size; /* '-': PLUS 1 TOTAL 3+precision */ - uexp_b10 = -exp_b10; + uexp_b10 = (unsigned int)(-exp_b10); } else - uexp_b10 = exp_b10; + uexp_b10 = (unsigned int)exp_b10; cdigits = 0; @@ -3179,9 +3213,9 @@ /* Avoid overflow here on the minimum integer. */ if (fp < 0) - *ascii++ = 45, num = -fp; + *ascii++ = 45, num = (png_uint_32)(-fp); else - num = fp; + num = (png_uint_32)fp; if (num <= 0x80000000) /* else overflowed */ { @@ -3833,25 +3867,25 @@ { if (value > 0 && value < 65535) { -# ifdef PNG_FLOATING_ARITHMETIC_SUPPORTED - /* The same (unsigned int)->(double) constraints apply here as above, - * however in this case the (unsigned int) to (int) conversion can - * overflow on an ANSI-C90 compliant system so the cast needs to ensure - * that this is not possible. - */ - double r = floor(65535*pow((png_int_32)value/65535., - gamma_val*.00001)+.5); - return (png_uint_16)r; -# else - png_int_32 lg2 = png_log16bit(value); - png_fixed_point res; - - if (png_muldiv(&res, gamma_val, lg2, PNG_FP_1) != 0) - return png_exp16bit(res); - - /* Overflow. */ - value = 0; -# endif +# ifdef PNG_FLOATING_ARITHMETIC_SUPPORTED + /* The same (unsigned int)->(double) constraints apply here as above, + * however in this case the (unsigned int) to (int) conversion can + * overflow on an ANSI-C90 compliant system so the cast needs to ensure + * that this is not possible. + */ + double r = floor(65535*pow((png_int_32)value/65535., + gamma_val*.00001)+.5); + return (png_uint_16)r; +# else + png_int_32 lg2 = png_log16bit(value); + png_fixed_point res; + + if (png_muldiv(&res, gamma_val, lg2, PNG_FP_1) != 0) + return png_exp16bit(res); + + /* Overflow. */ + value = 0; +# endif } return (png_uint_16)value; @@ -3890,7 +3924,7 @@ */ static void png_build_16bit_table(png_structrp png_ptr, png_uint_16pp *ptable, - PNG_CONST unsigned int shift, PNG_CONST png_fixed_point gamma_val) + PNG_CONST unsigned int shift, PNG_CONST png_fixed_point gamma_val) { /* Various values derived from 'shift': */ PNG_CONST unsigned int num = 1U << (8U - shift); @@ -3967,7 +4001,7 @@ */ static void png_build_16to8_table(png_structrp png_ptr, png_uint_16pp *ptable, - PNG_CONST unsigned int shift, PNG_CONST png_fixed_point gamma_val) + PNG_CONST unsigned int shift, PNG_CONST png_fixed_point gamma_val) { PNG_CONST unsigned int num = 1U << (8U - shift); PNG_CONST unsigned int max = (1U << (16U - shift))-1U; @@ -4035,7 +4069,7 @@ */ static void png_build_8bit_table(png_structrp png_ptr, png_bytepp ptable, - PNG_CONST png_fixed_point gamma_val) + PNG_CONST png_fixed_point gamma_val) { unsigned int i; png_bytep table = *ptable = (png_bytep)png_malloc(png_ptr, 256); @@ -4115,131 +4149,133 @@ void /* PRIVATE */ png_build_gamma_table(png_structrp png_ptr, int bit_depth) { - png_debug(1, "in png_build_gamma_table"); - - /* Remove any existing table; this copes with multiple calls to - * png_read_update_info. The warning is because building the gamma tables - * multiple times is a performance hit - it's harmless but the ability to call - * png_read_update_info() multiple times is new in 1.5.6 so it seems sensible - * to warn if the app introduces such a hit. - */ - if (png_ptr->gamma_table != NULL || png_ptr->gamma_16_table != NULL) - { - png_warning(png_ptr, "gamma table being rebuilt"); - png_destroy_gamma_table(png_ptr); - } - - if (bit_depth <= 8) - { - png_build_8bit_table(png_ptr, &png_ptr->gamma_table, - png_ptr->screen_gamma > 0 ? png_reciprocal2(png_ptr->colorspace.gamma, - png_ptr->screen_gamma) : PNG_FP_1); + png_debug(1, "in png_build_gamma_table"); + + /* Remove any existing table; this copes with multiple calls to + * png_read_update_info. The warning is because building the gamma tables + * multiple times is a performance hit - it's harmless but the ability to + * call png_read_update_info() multiple times is new in 1.5.6 so it seems + * sensible to warn if the app introduces such a hit. + */ + if (png_ptr->gamma_table != NULL || png_ptr->gamma_16_table != NULL) + { + png_warning(png_ptr, "gamma table being rebuilt"); + png_destroy_gamma_table(png_ptr); + } + + if (bit_depth <= 8) + { + png_build_8bit_table(png_ptr, &png_ptr->gamma_table, + png_ptr->screen_gamma > 0 ? + png_reciprocal2(png_ptr->colorspace.gamma, + png_ptr->screen_gamma) : PNG_FP_1); #if defined(PNG_READ_BACKGROUND_SUPPORTED) || \ defined(PNG_READ_ALPHA_MODE_SUPPORTED) || \ defined(PNG_READ_RGB_TO_GRAY_SUPPORTED) - if ((png_ptr->transformations & (PNG_COMPOSE | PNG_RGB_TO_GRAY)) != 0) - { - png_build_8bit_table(png_ptr, &png_ptr->gamma_to_1, - png_reciprocal(png_ptr->colorspace.gamma)); - - png_build_8bit_table(png_ptr, &png_ptr->gamma_from_1, - png_ptr->screen_gamma > 0 ? png_reciprocal(png_ptr->screen_gamma) : - png_ptr->colorspace.gamma/* Probably doing rgb_to_gray */); - } + if ((png_ptr->transformations & (PNG_COMPOSE | PNG_RGB_TO_GRAY)) != 0) + { + png_build_8bit_table(png_ptr, &png_ptr->gamma_to_1, + png_reciprocal(png_ptr->colorspace.gamma)); + + png_build_8bit_table(png_ptr, &png_ptr->gamma_from_1, + png_ptr->screen_gamma > 0 ? + png_reciprocal(png_ptr->screen_gamma) : + png_ptr->colorspace.gamma/* Probably doing rgb_to_gray */); + } #endif /* READ_BACKGROUND || READ_ALPHA_MODE || RGB_TO_GRAY */ - } + } #ifdef PNG_16BIT_SUPPORTED - else - { - png_byte shift, sig_bit; - - if ((png_ptr->color_type & PNG_COLOR_MASK_COLOR) != 0) - { - sig_bit = png_ptr->sig_bit.red; - - if (png_ptr->sig_bit.green > sig_bit) - sig_bit = png_ptr->sig_bit.green; - - if (png_ptr->sig_bit.blue > sig_bit) - sig_bit = png_ptr->sig_bit.blue; - } - else - sig_bit = png_ptr->sig_bit.gray; - - /* 16-bit gamma code uses this equation: - * - * ov = table[(iv & 0xff) >> gamma_shift][iv >> 8] - * - * Where 'iv' is the input color value and 'ov' is the output value - - * pow(iv, gamma). - * - * Thus the gamma table consists of up to 256 256-entry tables. The table - * is selected by the (8-gamma_shift) most significant of the low 8 bits of - * the color value then indexed by the upper 8 bits: - * - * table[low bits][high 8 bits] - * - * So the table 'n' corresponds to all those 'iv' of: - * - * <all high 8-bit values><n << gamma_shift>..<(n+1 << gamma_shift)-1> - * - */ - if (sig_bit > 0 && sig_bit < 16U) - /* shift == insignificant bits */ - shift = (png_byte)((16U - sig_bit) & 0xff); - - else - shift = 0; /* keep all 16 bits */ - - if ((png_ptr->transformations & (PNG_16_TO_8 | PNG_SCALE_16_TO_8)) != 0) - { - /* PNG_MAX_GAMMA_8 is the number of bits to keep - effectively - * the significant bits in the *input* when the output will - * eventually be 8 bits. By default it is 11. - */ - if (shift < (16U - PNG_MAX_GAMMA_8)) - shift = (16U - PNG_MAX_GAMMA_8); - } - - if (shift > 8U) - shift = 8U; /* Guarantees at least one table! */ - - png_ptr->gamma_shift = shift; - - /* NOTE: prior to 1.5.4 this test used to include PNG_BACKGROUND (now - * PNG_COMPOSE). This effectively smashed the background calculation for - * 16-bit output because the 8-bit table assumes the result will be reduced - * to 8 bits. - */ - if ((png_ptr->transformations & (PNG_16_TO_8 | PNG_SCALE_16_TO_8)) != 0) - png_build_16to8_table(png_ptr, &png_ptr->gamma_16_table, shift, - png_ptr->screen_gamma > 0 ? png_product2(png_ptr->colorspace.gamma, - png_ptr->screen_gamma) : PNG_FP_1); - - else - png_build_16bit_table(png_ptr, &png_ptr->gamma_16_table, shift, - png_ptr->screen_gamma > 0 ? png_reciprocal2(png_ptr->colorspace.gamma, - png_ptr->screen_gamma) : PNG_FP_1); + else + { + png_byte shift, sig_bit; + + if ((png_ptr->color_type & PNG_COLOR_MASK_COLOR) != 0) + { + sig_bit = png_ptr->sig_bit.red; + + if (png_ptr->sig_bit.green > sig_bit) + sig_bit = png_ptr->sig_bit.green; + + if (png_ptr->sig_bit.blue > sig_bit) + sig_bit = png_ptr->sig_bit.blue; + } + else + sig_bit = png_ptr->sig_bit.gray; + + /* 16-bit gamma code uses this equation: + * + * ov = table[(iv & 0xff) >> gamma_shift][iv >> 8] + * + * Where 'iv' is the input color value and 'ov' is the output value - + * pow(iv, gamma). + * + * Thus the gamma table consists of up to 256 256-entry tables. The table + * is selected by the (8-gamma_shift) most significant of the low 8 bits + * of the color value then indexed by the upper 8 bits: + * + * table[low bits][high 8 bits] + * + * So the table 'n' corresponds to all those 'iv' of: + * + * <all high 8-bit values><n << gamma_shift>..<(n+1 << gamma_shift)-1> + * + */ + if (sig_bit > 0 && sig_bit < 16U) + /* shift == insignificant bits */ + shift = (png_byte)((16U - sig_bit) & 0xff); + + else + shift = 0; /* keep all 16 bits */ + + if ((png_ptr->transformations & (PNG_16_TO_8 | PNG_SCALE_16_TO_8)) != 0) + { + /* PNG_MAX_GAMMA_8 is the number of bits to keep - effectively + * the significant bits in the *input* when the output will + * eventually be 8 bits. By default it is 11. + */ + if (shift < (16U - PNG_MAX_GAMMA_8)) + shift = (16U - PNG_MAX_GAMMA_8); + } + + if (shift > 8U) + shift = 8U; /* Guarantees at least one table! */ + + png_ptr->gamma_shift = shift; + + /* NOTE: prior to 1.5.4 this test used to include PNG_BACKGROUND (now + * PNG_COMPOSE). This effectively smashed the background calculation for + * 16-bit output because the 8-bit table assumes the result will be + * reduced to 8 bits. + */ + if ((png_ptr->transformations & (PNG_16_TO_8 | PNG_SCALE_16_TO_8)) != 0) + png_build_16to8_table(png_ptr, &png_ptr->gamma_16_table, shift, + png_ptr->screen_gamma > 0 ? png_product2(png_ptr->colorspace.gamma, + png_ptr->screen_gamma) : PNG_FP_1); + + else + png_build_16bit_table(png_ptr, &png_ptr->gamma_16_table, shift, + png_ptr->screen_gamma > 0 ? png_reciprocal2(png_ptr->colorspace.gamma, + png_ptr->screen_gamma) : PNG_FP_1); #if defined(PNG_READ_BACKGROUND_SUPPORTED) || \ defined(PNG_READ_ALPHA_MODE_SUPPORTED) || \ defined(PNG_READ_RGB_TO_GRAY_SUPPORTED) - if ((png_ptr->transformations & (PNG_COMPOSE | PNG_RGB_TO_GRAY)) != 0) - { - png_build_16bit_table(png_ptr, &png_ptr->gamma_16_to_1, shift, - png_reciprocal(png_ptr->colorspace.gamma)); - - /* Notice that the '16 from 1' table should be full precision, however - * the lookup on this table still uses gamma_shift, so it can't be. - * TODO: fix this. - */ - png_build_16bit_table(png_ptr, &png_ptr->gamma_16_from_1, shift, - png_ptr->screen_gamma > 0 ? png_reciprocal(png_ptr->screen_gamma) : - png_ptr->colorspace.gamma/* Probably doing rgb_to_gray */); - } + if ((png_ptr->transformations & (PNG_COMPOSE | PNG_RGB_TO_GRAY)) != 0) + { + png_build_16bit_table(png_ptr, &png_ptr->gamma_16_to_1, shift, + png_reciprocal(png_ptr->colorspace.gamma)); + + /* Notice that the '16 from 1' table should be full precision, however + * the lookup on this table still uses gamma_shift, so it can't be. + * TODO: fix this. + */ + png_build_16bit_table(png_ptr, &png_ptr->gamma_16_from_1, shift, + png_ptr->screen_gamma > 0 ? png_reciprocal(png_ptr->screen_gamma) : + png_ptr->colorspace.gamma/* Probably doing rgb_to_gray */); + } #endif /* READ_BACKGROUND || READ_ALPHA_MODE || RGB_TO_GRAY */ - } + } #endif /* 16BIT */ } #endif /* READ_GAMMA */ @@ -4252,11 +4288,11 @@ if (png_ptr != NULL && option >= 0 && option < PNG_OPTION_NEXT && (option & 1) == 0) { - int mask = 3 << option; - int setting = (2 + (onoff != 0)) << option; - int current = png_ptr->options; - - png_ptr->options = (png_byte)(((current & ~mask) | setting) & 0xff); + png_uint_32 mask = 3 << option; + png_uint_32 setting = (2 + (onoff != 0)) << option; + png_uint_32 current = png_ptr->options; + + png_ptr->options = (png_uint_32)(((current & ~mask) | setting) & 0xff); return (current & mask) >> option; }
--- a/src/share/native/sun/awt/libpng/png.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/png.h Wed Jul 19 05:41:28 2017 +0100 @@ -29,9 +29,9 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * libpng version 1.6.20, December 3, 2015 + * libpng version 1.6.28, January 5, 2017 * - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -40,7 +40,7 @@ * Authors and maintainers: * libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat * libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger - * libpng versions 0.97, January 1998, through 1.6.20, December 3, 2015: + * libpng versions 0.97, January 1998, through 1.6.28, January 5, 2017: * Glenn Randers-Pehrson. * See also "Contributing Authors", below. */ @@ -53,8 +53,8 @@ * * This code is released under the libpng license. * - * libpng versions 1.0.7, July 1, 2000, through 1.6.20, December 3, 2015, are - * Copyright (c) 2000-2002, 2004, 2006-2015 Glenn Randers-Pehrson, are + * libpng versions 1.0.7, July 1, 2000 through 1.6.28, January 5, 2017 are + * Copyright (c) 2000-2002, 2004, 2006-2017 Glenn Randers-Pehrson, are * derived from libpng-1.0.6, and are distributed according to the same * disclaimer and license as libpng-1.0.6 with the following individuals * added to the list of Contributing Authors: @@ -65,6 +65,7 @@ * Cosmin Truta * Gilles Vollant * James Yu + * Mandar Sahastrabuddhe * * and with the following additions to the disclaimer: * @@ -75,6 +76,10 @@ * risk of satisfactory quality, performance, accuracy, and effort is with * the user. * + * Some files in the "contrib" directory and some configure-generated + * files that are distributed with libpng have other copyright owners and + * are released under other open source licenses. + * * libpng versions 0.97, January 1998, through 1.0.6, March 20, 2000, are * Copyright (c) 1998-2000 Glenn Randers-Pehrson, are derived from * libpng-0.96, and are distributed according to the same disclaimer and @@ -98,6 +103,9 @@ * Greg Roelofs * Tom Tanner * + * Some files in the "scripts" directory have other copyright owners + * but are released under this license. + * * libpng versions 0.5, May 1995, through 0.88, January 1996, are * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * @@ -137,6 +145,29 @@ * appreciated. * * END OF COPYRIGHT NOTICE, DISCLAIMER, and LICENSE. + * + * TRADEMARK: + * + * The name "libpng" has not been registered by the Copyright owner + * as a trademark in any jurisdiction. However, because libpng has + * been distributed and maintained world-wide, continually since 1995, + * the Copyright owner claims "common-law trademark protection" in any + * jurisdiction where common-law trademark is recognized. + * + * OSI CERTIFICATION: + * + * Libpng is OSI Certified Open Source Software. OSI Certified Open Source is + * a certification mark of the Open Source Initiative. OSI has not addressed + * the additional disclaimers inserted at version 1.0.7. + * + * EXPORT CONTROL: + * + * The Copyright owner believes that the Export Control Classification + * Number (ECCN) for libpng is EAR99, which means not subject to export + * controls or International Traffic in Arms Regulations (ITAR) because + * it is open source, publicly available software, that does not contain + * any encryption software. See the EAR, paragraphs 734.3(b)(3) and + * 734.7(b). */ /* @@ -150,12 +181,6 @@ */ /* - * Libpng is OSI Certified Open Source Software. OSI Certified Open Source is - * a certification mark of the Open Source Initiative. OSI has not addressed - * the additional disclaimers inserted at version 1.0.7. - */ - -/* * The contributing authors would like to thank all those who helped * with testing, bug fixes, and patience. This wouldn't have been * possible without all of you. @@ -210,11 +235,11 @@ * ... * 1.0.19 10 10019 10.so.0.19[.0] * ... - * 1.2.53 13 10253 12.so.0.53[.0] + * 1.2.57 13 10257 12.so.0.57[.0] * ... - * 1.5.23 15 10523 15.so.15.23[.0] + * 1.5.28 15 10527 15.so.15.28[.0] * ... - * 1.6.20 16 10620 16.so.16.20[.0] + * 1.6.28 16 10628 16.so.16.28[.0] * * Henceforth the source version will match the shared-library major * and minor numbers; the shared-library major version number will be @@ -242,13 +267,13 @@ * Y2K compliance in libpng: * ========================= * - * December 3, 2015 + * January 5, 2017 * * Since the PNG Development group is an ad-hoc body, we can't make * an official declaration. * * This is your unofficial assurance that libpng from version 0.71 and - * upward through 1.6.20 are Y2K compliant. It is my belief that + * upward through 1.6.28 are Y2K compliant. It is my belief that * earlier versions were also Y2K compliant. * * Libpng only has two year fields. One is a 2-byte unsigned integer @@ -310,9 +335,8 @@ */ /* Version information for png.h - this should match the version in png.c */ -#define PNG_LIBPNG_VER_STRING "1.6.20" -#define PNG_HEADER_VERSION_STRING \ - " libpng version 1.6.20 - December 3, 2015\n" +#define PNG_LIBPNG_VER_STRING "1.6.28" +#define PNG_HEADER_VERSION_STRING " libpng version 1.6.28 - January 5, 2017\n" #define PNG_LIBPNG_VER_SONUM 16 #define PNG_LIBPNG_VER_DLLNUM 16 @@ -320,7 +344,7 @@ /* These should match the first 3 components of PNG_LIBPNG_VER_STRING: */ #define PNG_LIBPNG_VER_MAJOR 1 #define PNG_LIBPNG_VER_MINOR 6 -#define PNG_LIBPNG_VER_RELEASE 20 +#define PNG_LIBPNG_VER_RELEASE 28 /* This should match the numeric part of the final component of * PNG_LIBPNG_VER_STRING, omitting any leading zero: @@ -351,20 +375,20 @@ * version 1.0.0 was mis-numbered 100 instead of 10000). From * version 1.0.1 it's xxyyzz, where x=major, y=minor, z=release */ -#define PNG_LIBPNG_VER 10620 /* 1.6.20 */ +#define PNG_LIBPNG_VER 10628 /* 1.6.28 */ /* Library configuration: these options cannot be changed after * the library has been built. */ #ifndef PNGLCONF_H - /* If pnglibconf.h is missing, you can - * copy scripts/pnglibconf.h.prebuilt to pnglibconf.h - */ +/* If pnglibconf.h is missing, you can + * copy scripts/pnglibconf.h.prebuilt to pnglibconf.h + */ # include "pnglibconf.h" #endif #ifndef PNG_VERSION_INFO_ONLY - /* Machine specific configuration. */ +/* Machine specific configuration. */ # include "pngconf.h" #endif @@ -461,7 +485,7 @@ /* This triggers a compiler error in png.c, if png.c and png.h * do not agree upon the version number. */ -typedef char* png_libpng_version_1_6_20; +typedef char* png_libpng_version_1_6_28; /* Basic control structions. Read libpng-manual.txt or libpng.3 for more info. * @@ -654,17 +678,17 @@ */ typedef struct png_unknown_chunk_t { - png_byte name[5]; /* Textual chunk name with '\0' terminator */ - png_byte *data; /* Data, should not be modified on read! */ - png_size_t size; - - /* On write 'location' must be set using the flag values listed below. - * Notice that on read it is set by libpng however the values stored have - * more bits set than are listed below. Always treat the value as a - * bitmask. On write set only one bit - setting multiple bits may cause the - * chunk to be written in multiple places. - */ - png_byte location; /* mode of operation at read time */ + png_byte name[5]; /* Textual chunk name with '\0' terminator */ + png_byte *data; /* Data, should not be modified on read! */ + png_size_t size; + + /* On write 'location' must be set using the flag values listed below. + * Notice that on read it is set by libpng however the values stored have + * more bits set than are listed below. Always treat the value as a + * bitmask. On write set only one bit - setting multiple bits may cause the + * chunk to be written in multiple places. + */ + png_byte location; /* mode of operation at read time */ } png_unknown_chunk; @@ -762,24 +786,22 @@ * data in the info_struct to be written into the output file. The values * of the PNG_INFO_<chunk> defines should NOT be changed. */ -#define PNG_INFO_gAMA 0x0001 -#define PNG_INFO_sBIT 0x0002 -#define PNG_INFO_cHRM 0x0004 -#define PNG_INFO_PLTE 0x0008 -#define PNG_INFO_tRNS 0x0010 -#define PNG_INFO_bKGD 0x0020 -#define PNG_INFO_hIST 0x0040 -#define PNG_INFO_pHYs 0x0080 -#define PNG_INFO_oFFs 0x0100 -#define PNG_INFO_tIME 0x0200 -#define PNG_INFO_pCAL 0x0400 -#define PNG_INFO_sRGB 0x0800 /* GR-P, 0.96a */ -#define PNG_INFO_iCCP 0x1000 /* ESR, 1.0.6 */ -#define PNG_INFO_sPLT 0x2000 /* ESR, 1.0.6 */ -#define PNG_INFO_sCAL 0x4000 /* ESR, 1.0.6 */ -#if INT_MAX >= 0x8000 /* else this might break */ -#define PNG_INFO_IDAT 0x8000 /* ESR, 1.0.6 */ -#endif +#define PNG_INFO_gAMA 0x0001U +#define PNG_INFO_sBIT 0x0002U +#define PNG_INFO_cHRM 0x0004U +#define PNG_INFO_PLTE 0x0008U +#define PNG_INFO_tRNS 0x0010U +#define PNG_INFO_bKGD 0x0020U +#define PNG_INFO_hIST 0x0040U +#define PNG_INFO_pHYs 0x0080U +#define PNG_INFO_oFFs 0x0100U +#define PNG_INFO_tIME 0x0200U +#define PNG_INFO_pCAL 0x0400U +#define PNG_INFO_sRGB 0x0800U /* GR-P, 0.96a */ +#define PNG_INFO_iCCP 0x1000U /* ESR, 1.0.6 */ +#define PNG_INFO_sPLT 0x2000U /* ESR, 1.0.6 */ +#define PNG_INFO_sCAL 0x4000U /* ESR, 1.0.6 */ +#define PNG_INFO_IDAT 0x8000U /* ESR, 1.0.6 */ /* This is used for the transformation routines, as some of them * change these values for the row. It also should enable using @@ -1350,7 +1372,7 @@ #endif #ifdef PNG_READ_STRIP_16_TO_8_SUPPORTED -#define PNG_READ_16_TO_8 SUPPORTED /* Name prior to 1.5.4 */ +#define PNG_READ_16_TO_8_SUPPORTED /* Name prior to 1.5.4 */ /* Strip the second byte of information from a 16-bit depth file. */ PNG_EXPORT(48, void, png_set_strip_16, (png_structrp png_ptr)); #endif @@ -1501,8 +1523,8 @@ #define PNG_FILTER_UP 0x20 #define PNG_FILTER_AVG 0x40 #define PNG_FILTER_PAETH 0x80 -#define PNG_ALL_FILTERS (PNG_FILTER_NONE | PNG_FILTER_SUB | PNG_FILTER_UP | \ - PNG_FILTER_AVG | PNG_FILTER_PAETH) +#define PNG_FAST_FILTERS (PNG_FILTER_NONE | PNG_FILTER_SUB | PNG_FILTER_UP) +#define PNG_ALL_FILTERS (PNG_FAST_FILTERS | PNG_FILTER_AVG | PNG_FILTER_PAETH) /* Filter values (not flags) - used in pngwrite.c, pngwutil.c for now. * These defines should NOT be changed. @@ -1779,21 +1801,21 @@ #define PNG_SET_WILL_FREE_DATA 1 #define PNG_USER_WILL_FREE_DATA 2 /* Flags for png_ptr->free_me and info_ptr->free_me */ -#define PNG_FREE_HIST 0x0008 -#define PNG_FREE_ICCP 0x0010 -#define PNG_FREE_SPLT 0x0020 -#define PNG_FREE_ROWS 0x0040 -#define PNG_FREE_PCAL 0x0080 -#define PNG_FREE_SCAL 0x0100 +#define PNG_FREE_HIST 0x0008U +#define PNG_FREE_ICCP 0x0010U +#define PNG_FREE_SPLT 0x0020U +#define PNG_FREE_ROWS 0x0040U +#define PNG_FREE_PCAL 0x0080U +#define PNG_FREE_SCAL 0x0100U #ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED -# define PNG_FREE_UNKN 0x0200 +# define PNG_FREE_UNKN 0x0200U #endif -/* PNG_FREE_LIST 0x0400 removed in 1.6.0 because it is ignored */ -#define PNG_FREE_PLTE 0x1000 -#define PNG_FREE_TRNS 0x2000 -#define PNG_FREE_TEXT 0x4000 -#define PNG_FREE_ALL 0x7fff -#define PNG_FREE_MUL 0x4220 /* PNG_FREE_SPLT|PNG_FREE_TEXT|PNG_FREE_UNKN */ +/* PNG_FREE_LIST 0x0400U removed in 1.6.0 because it is ignored */ +#define PNG_FREE_PLTE 0x1000U +#define PNG_FREE_TRNS 0x2000U +#define PNG_FREE_TEXT 0x4000U +#define PNG_FREE_ALL 0x7fffU +#define PNG_FREE_MUL 0x4220U /* PNG_FREE_SPLT|PNG_FREE_TEXT|PNG_FREE_UNKN */ #ifdef PNG_USER_MEM_SUPPORTED PNG_EXPORTA(100, png_voidp, png_malloc_default, (png_const_structrp png_ptr, @@ -2299,8 +2321,10 @@ * except for the IHDR, PLTE, tRNS, IDAT, and IEND chunks (which continue to * be processed by libpng. */ +#ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED PNG_EXPORT(172, void, png_set_keep_unknown_chunks, (png_structrp png_ptr, int keep, png_const_bytep chunk_list, int num_chunks)); +#endif /* HANDLE_AS_UNKNOWN */ /* The "keep" PNG_HANDLE_CHUNK_ parameter for the specified chunk is returned; * the result is therefore true (non-zero) if special handling is required, @@ -2308,7 +2332,7 @@ */ PNG_EXPORT(173, int, png_handle_as_unknown, (png_const_structrp png_ptr, png_const_bytep chunk_name)); -#endif +#endif /* SET_UNKNOWN_CHUNKS */ #ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED PNG_EXPORT(174, void, png_set_unknown_chunks, (png_const_structrp png_ptr, @@ -2529,33 +2553,37 @@ /* fg and bg should be in `gamma 1.0' space; alpha is the opacity */ -# define png_composite(composite, fg, alpha, bg) \ - { png_uint_16 temp = (png_uint_16)((png_uint_16)(fg) \ - * (png_uint_16)(alpha) \ - + (png_uint_16)(bg)*(png_uint_16)(255 \ - - (png_uint_16)(alpha)) + 128); \ - (composite) = (png_byte)(((temp + (temp >> 8)) >> 8) & 0xff); } - -# define png_composite_16(composite, fg, alpha, bg) \ - { png_uint_32 temp = (png_uint_32)((png_uint_32)(fg) \ - * (png_uint_32)(alpha) \ - + (png_uint_32)(bg)*(65535 \ - - (png_uint_32)(alpha)) + 32768); \ - (composite) = (png_uint_16)(0xffff & ((temp + (temp >> 16)) >> 16)); } +# define png_composite(composite, fg, alpha, bg) \ + { \ + png_uint_16 temp = (png_uint_16)((png_uint_16)(fg) \ + * (png_uint_16)(alpha) \ + + (png_uint_16)(bg)*(png_uint_16)(255 \ + - (png_uint_16)(alpha)) + 128); \ + (composite) = (png_byte)(((temp + (temp >> 8)) >> 8) & 0xff); \ + } + +# define png_composite_16(composite, fg, alpha, bg) \ + { \ + png_uint_32 temp = (png_uint_32)((png_uint_32)(fg) \ + * (png_uint_32)(alpha) \ + + (png_uint_32)(bg)*(65535 \ + - (png_uint_32)(alpha)) + 32768); \ + (composite) = (png_uint_16)(0xffff & ((temp + (temp >> 16)) >> 16)); \ + } #else /* Standard method using integer division */ -# define png_composite(composite, fg, alpha, bg) \ - (composite) = \ - (png_byte)(0xff & (((png_uint_16)(fg) * (png_uint_16)(alpha) + \ - (png_uint_16)(bg) * (png_uint_16)(255 - (png_uint_16)(alpha)) + \ - 127) / 255)) - -# define png_composite_16(composite, fg, alpha, bg) \ - (composite) = \ - (png_uint_16)(0xffff & (((png_uint_32)(fg) * (png_uint_32)(alpha) + \ - (png_uint_32)(bg)*(png_uint_32)(65535 - (png_uint_32)(alpha)) + \ - 32767) / 65535)) +# define png_composite(composite, fg, alpha, bg) \ + (composite) = \ + (png_byte)(0xff & (((png_uint_16)(fg) * (png_uint_16)(alpha) + \ + (png_uint_16)(bg) * (png_uint_16)(255 - (png_uint_16)(alpha)) + \ + 127) / 255)) + +# define png_composite_16(composite, fg, alpha, bg) \ + (composite) = \ + (png_uint_16)(0xffff & (((png_uint_32)(fg) * (png_uint_32)(alpha) + \ + (png_uint_32)(bg)*(png_uint_32)(65535 - (png_uint_32)(alpha)) + \ + 32767) / 65535)) #endif /* READ_COMPOSITE_NODIV */ #ifdef PNG_READ_INT_FUNCTIONS_SUPPORTED @@ -2591,38 +2619,38 @@ * format for negative values, which is almost certainly true. */ # define PNG_get_uint_32(buf) \ - (((png_uint_32)(*(buf)) << 24) + \ - ((png_uint_32)(*((buf) + 1)) << 16) + \ - ((png_uint_32)(*((buf) + 2)) << 8) + \ - ((png_uint_32)(*((buf) + 3)))) + (((png_uint_32)(*(buf)) << 24) + \ + ((png_uint_32)(*((buf) + 1)) << 16) + \ + ((png_uint_32)(*((buf) + 2)) << 8) + \ + ((png_uint_32)(*((buf) + 3)))) /* From libpng-1.4.0 until 1.4.4, the png_get_uint_16 macro (but not the * function) incorrectly returned a value of type png_uint_32. */ # define PNG_get_uint_16(buf) \ - ((png_uint_16) \ - (((unsigned int)(*(buf)) << 8) + \ - ((unsigned int)(*((buf) + 1))))) + ((png_uint_16) \ + (((unsigned int)(*(buf)) << 8) + \ + ((unsigned int)(*((buf) + 1))))) # define PNG_get_int_32(buf) \ - ((png_int_32)((*(buf) & 0x80) \ - ? -((png_int_32)(((png_get_uint_32(buf)^0xffffffffU)+1U)&0x7fffffffU)) \ - : (png_int_32)png_get_uint_32(buf))) - - /* If PNG_PREFIX is defined the same thing as below happens in pnglibconf.h, - * but defining a macro name prefixed with PNG_PREFIX. - */ + ((png_int_32)((*(buf) & 0x80) \ + ? -((png_int_32)(((png_get_uint_32(buf)^0xffffffffU)+1U)&0x7fffffffU)) \ + : (png_int_32)png_get_uint_32(buf))) + +/* If PNG_PREFIX is defined the same thing as below happens in pnglibconf.h, + * but defining a macro name prefixed with PNG_PREFIX. + */ # ifndef PNG_PREFIX -# define png_get_uint_32(buf) PNG_get_uint_32(buf) -# define png_get_uint_16(buf) PNG_get_uint_16(buf) -# define png_get_int_32(buf) PNG_get_int_32(buf) +# define png_get_uint_32(buf) PNG_get_uint_32(buf) +# define png_get_uint_16(buf) PNG_get_uint_16(buf) +# define png_get_int_32(buf) PNG_get_int_32(buf) # endif #else # ifdef PNG_PREFIX - /* No macros; revert to the (redefined) function */ -# define PNG_get_uint_32 (png_get_uint_32) -# define PNG_get_uint_16 (png_get_uint_16) -# define PNG_get_int_32 (png_get_int_32) + /* No macros; revert to the (redefined) function */ +# define PNG_get_uint_32 (png_get_uint_32) +# define PNG_get_uint_16 (png_get_uint_16) +# define PNG_get_int_32 (png_get_int_32) # endif #endif @@ -2917,12 +2945,19 @@ * is the minimum 'row stride', the minimum count of components between each * row. For a color-mapped image this is the minimum number of bytes in a * row. + * + * WARNING: this macro overflows for some images with more than one component + * and very large image widths. libpng will refuse to process an image where + * this macro would overflow. */ #define PNG_IMAGE_BUFFER_SIZE(image, row_stride)\ (PNG_IMAGE_PIXEL_COMPONENT_SIZE((image).format)*(image).height*(row_stride)) /* Return the size, in bytes, of an image buffer given a png_image and a row * stride - the number of components to leave space for in each row. + * + * WARNING: this macro overflows a 32-bit integer for some large PNG images, + * libpng will refuse to process an image where such an overflow would occur. */ #define PNG_IMAGE_SIZE(image)\ @@ -3043,7 +3078,6 @@ #endif /* SIMPLIFIED_READ */ #ifdef PNG_SIMPLIFIED_WRITE_SUPPORTED -#ifdef PNG_STDIO_SUPPORTED /* WRITE APIS * ---------- * For write you must initialize a png_image structure to describe the image to @@ -3060,6 +3094,7 @@ * values do not correspond to the colors in sRGB. * colormap_entries: set to the number of entries in the color-map (0 to 256) */ +#ifdef PNG_SIMPLIFIED_WRITE_STDIO_SUPPORTED PNG_EXPORT(239, int, png_image_write_to_file, (png_imagep image, const char *file, int convert_to_8bit, const void *buffer, png_int_32 row_stride, const void *colormap)); @@ -3069,8 +3104,9 @@ int convert_to_8_bit, const void *buffer, png_int_32 row_stride, const void *colormap)); /* Write the image to the given (FILE*). */ - -/* With both write APIs if image is in one of the linear formats with 16-bit +#endif /* SIMPLIFIED_WRITE_STDIO */ + +/* With all write APIs if image is in one of the linear formats with 16-bit * data then setting convert_to_8_bit will cause the output to be an 8-bit PNG * gamma encoded according to the sRGB specification, otherwise a 16-bit linear * encoded PNG file is written. @@ -3082,13 +3118,103 @@ * * With all APIs row_stride is handled as in the read APIs - it is the spacing * from one row to the next in component sized units (1 or 2 bytes) and if - * negative indicates a bottom-up row layout in the buffer. If row_stride is zero, - * libpng will calculate it for you from the image width and number of channels. + * negative indicates a bottom-up row layout in the buffer. If row_stride is + * zero, libpng will calculate it for you from the image width and number of + * channels. * - * Note that the write API does not support interlacing, sub-8-bit pixels, indexed - * PNG (color_type 3) or most ancillary chunks. + * Note that the write API does not support interlacing, sub-8-bit pixels or + * most ancillary chunks. If you need to write text chunks (e.g. for copyright + * notices) you need to use one of the other APIs. */ -#endif /* STDIO */ + +PNG_EXPORT(245, int, png_image_write_to_memory, (png_imagep image, void *memory, + png_alloc_size_t * PNG_RESTRICT memory_bytes, int convert_to_8_bit, + const void *buffer, png_int_32 row_stride, const void *colormap)); + /* Write the image to the given memory buffer. The function both writes the + * whole PNG data stream to *memory and updates *memory_bytes with the count + * of bytes written. + * + * 'memory' may be NULL. In this case *memory_bytes is not read however on + * success the number of bytes which would have been written will still be + * stored in *memory_bytes. On failure *memory_bytes will contain 0. + * + * If 'memory' is not NULL it must point to memory[*memory_bytes] of + * writeable memory. + * + * If the function returns success memory[*memory_bytes] (if 'memory' is not + * NULL) contains the written PNG data. *memory_bytes will always be less + * than or equal to the original value. + * + * If the function returns false and *memory_bytes was not changed an error + * occured during write. If *memory_bytes was changed, or is not 0 if + * 'memory' was NULL, the write would have succeeded but for the memory + * buffer being too small. *memory_bytes contains the required number of + * bytes and will be bigger that the original value. + */ + +#define png_image_write_get_memory_size(image, size, convert_to_8_bit, buffer,\ + row_stride, colormap)\ + png_image_write_to_memory(&(image), 0, &(size), convert_to_8_bit, buffer,\ + row_stride, colormap) + /* Return the amount of memory in 'size' required to compress this image. + * The png_image structure 'image' must be filled in as in the above + * function and must not be changed before the actual write call, the buffer + * and all other parameters must also be identical to that in the final + * write call. The 'size' variable need not be initialized. + * + * NOTE: the macro returns true/false, if false is returned 'size' will be + * set to zero and the write failed and probably will fail if tried again. + */ + +/* You can pre-allocate the buffer by making sure it is of sufficient size + * regardless of the amount of compression achieved. The buffer size will + * always be bigger than the original image and it will never be filled. The + * following macros are provided to assist in allocating the buffer. + */ +#define PNG_IMAGE_DATA_SIZE(image) (PNG_IMAGE_SIZE(image)+(image).height) + /* The number of uncompressed bytes in the PNG byte encoding of the image; + * uncompressing the PNG IDAT data will give this number of bytes. + * + * NOTE: while PNG_IMAGE_SIZE cannot overflow for an image in memory this + * macro can because of the extra bytes used in the PNG byte encoding. You + * need to avoid this macro if your image size approaches 2^30 in width or + * height. The same goes for the remainder of these macros; they all produce + * bigger numbers than the actual in-memory image size. + */ +#ifndef PNG_ZLIB_MAX_SIZE +# define PNG_ZLIB_MAX_SIZE(b) ((b)+(((b)+7U)>>3)+(((b)+63U)>>6)+11U) + /* An upper bound on the number of compressed bytes given 'b' uncompressed + * bytes. This is based on deflateBounds() in zlib; different + * implementations of zlib compression may conceivably produce more data so + * if your zlib implementation is not zlib itself redefine this macro + * appropriately. + */ +#endif + +#define PNG_IMAGE_COMPRESSED_SIZE_MAX(image)\ + PNG_ZLIB_MAX_SIZE((png_alloc_size_t)PNG_IMAGE_DATA_SIZE(image)) + /* An upper bound on the size of the data in the PNG IDAT chunks. */ + +#define PNG_IMAGE_PNG_SIZE_MAX_(image, image_size)\ + ((8U/*sig*/+25U/*IHDR*/+16U/*gAMA*/+44U/*cHRM*/+12U/*IEND*/+\ + (((image).format&PNG_FORMAT_FLAG_COLORMAP)?/*colormap: PLTE, tRNS*/\ + 12U+3U*(image).colormap_entries/*PLTE data*/+\ + (((image).format&PNG_FORMAT_FLAG_ALPHA)?\ + 12U/*tRNS*/+(image).colormap_entries:0U):0U)+\ + 12U)+(12U*((image_size)/PNG_ZBUF_SIZE))/*IDAT*/+(image_size)) + /* A helper for the following macro; if your compiler cannot handle the + * following macro use this one with the result of + * PNG_IMAGE_COMPRESSED_SIZE_MAX(image) as the second argument (most + * compilers should handle this just fine.) + */ + +#define PNG_IMAGE_PNG_SIZE_MAX(image)\ + PNG_IMAGE_PNG_SIZE_MAX_(image, PNG_IMAGE_COMPRESSED_SIZE_MAX(image)) + /* An upper bound on the total length of the PNG data stream for 'image'. + * The result is of type png_alloc_size_t, on 32-bit systems this may + * overflow even though PNG_IMAGE_DATA_SIZE does not overflow; the write will + * run out of buffer space but return a corrected size which should work. + */ #endif /* SIMPLIFIED_WRITE */ /******************************************************************************* * END OF SIMPLIFIED API @@ -3122,7 +3248,11 @@ #endif #define PNG_MAXIMUM_INFLATE_WINDOW 2 /* SOFTWARE: force maximum window */ #define PNG_SKIP_sRGB_CHECK_PROFILE 4 /* SOFTWARE: Check ICC profile for sRGB */ -#define PNG_OPTION_NEXT 6 /* Next option - numbers must be even */ +#ifdef PNG_MIPS_MSA_API_SUPPORTED +# define PNG_MIPS_MSA 6 /* HARDWARE: MIPS Msa SIMD instructions supported */ +#endif +#define PNG_IGNORE_ADLER32 8 +#define PNG_OPTION_NEXT 10 /* Next option - numbers must be even */ /* Return values: NOTE: there are four values and 'off' is *not* zero */ #define PNG_OPTION_UNSET 0 /* Unset - defaults to off */ @@ -3146,7 +3276,7 @@ * one to use is one more than this.) */ #ifdef PNG_EXPORT_LAST_ORDINAL - PNG_EXPORT_LAST_ORDINAL(244); + PNG_EXPORT_LAST_ORDINAL(245); #endif #ifdef __cplusplus
--- a/src/share/native/sun/awt/libpng/pngconf.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngconf.h Wed Jul 19 05:41:28 2017 +0100 @@ -29,9 +29,9 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * libpng version 1.6.20, December 3, 2015 + * libpng version 1.6.28, January 5, 2017 * - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -216,27 +216,27 @@ * compatible with GCC or Visual C because of different calling conventions. */ # if PNG_API_RULE == 2 - /* If this line results in an error, either because __watcall is not - * understood or because of a redefine just below you cannot use *this* - * build of the library with the compiler you are using. *This* build was - * build using Watcom and applications must also be built using Watcom! - */ + /* If this line results in an error, either because __watcall is not + * understood or because of a redefine just below you cannot use *this* + * build of the library with the compiler you are using. *This* build was + * build using Watcom and applications must also be built using Watcom! + */ # define PNGCAPI __watcall # endif # if defined(__GNUC__) || (defined(_MSC_VER) && (_MSC_VER >= 800)) # define PNGCAPI __cdecl # if PNG_API_RULE == 1 - /* If this line results in an error __stdcall is not understood and - * PNG_API_RULE should not have been set to '1'. - */ + /* If this line results in an error __stdcall is not understood and + * PNG_API_RULE should not have been set to '1'. + */ # define PNGAPI __stdcall # endif # else - /* An older compiler, or one not detected (erroneously) above, - * if necessary override on the command line to get the correct - * variants for the compiler. - */ + /* An older compiler, or one not detected (erroneously) above, + * if necessary override on the command line to get the correct + * variants for the compiler. + */ # ifndef PNGCAPI # define PNGCAPI _cdecl # endif @@ -253,10 +253,10 @@ # if (defined(_MSC_VER) && _MSC_VER < 800) ||\ (defined(__BORLANDC__) && __BORLANDC__ < 0x500) - /* older Borland and MSC - * compilers used '__export' and required this to be after - * the type. - */ + /* older Borland and MSC + * compilers used '__export' and required this to be after + * the type. + */ # ifndef PNG_EXPORT_TYPE # define PNG_EXPORT_TYPE(type) type PNG_IMPEXP # endif @@ -272,9 +272,9 @@ # if (defined(__IBMC__) || defined(__IBMCPP__)) && defined(__OS2__) # define PNGAPI _System # else /* !Windows/x86 && !OS/2 */ - /* Use the defaults, or define PNG*API on the command line (but - * this will have to be done for every compile!) - */ + /* Use the defaults, or define PNG*API on the command line (but + * this will have to be done for every compile!) + */ # endif /* other system, !OS/2 */ #endif /* !Windows/x86 */ @@ -295,7 +295,7 @@ */ #ifndef PNG_IMPEXP # if defined(PNG_USE_DLL) && defined(PNG_DLL_IMPORT) - /* This forces use of a DLL, disallowing static linking */ + /* This forces use of a DLL, disallowing static linking */ # define PNG_IMPEXP PNG_DLL_IMPORT # endif @@ -368,7 +368,7 @@ * less efficient code. */ # if defined(__clang__) && defined(__has_attribute) - /* Clang defines both __clang__ and __GNUC__. Check __clang__ first. */ + /* Clang defines both __clang__ and __GNUC__. Check __clang__ first. */ # if !defined(PNG_USE_RESULT) && __has_attribute(__warn_unused_result__) # define PNG_USE_RESULT __attribute__((__warn_unused_result__)) # endif @@ -535,9 +535,9 @@ # error "libpng requires a signed 32-bit (or more) type" #endif -#if UINT_MAX > 4294967294 +#if UINT_MAX > 4294967294U typedef unsigned int png_uint_32; -#elif ULONG_MAX > 4294967294 +#elif ULONG_MAX > 4294967294U typedef unsigned long int png_uint_32; #else # error "libpng requires an unsigned 32-bit (or more) type"
--- a/src/share/native/sun/awt/libpng/pngdebug.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngdebug.h Wed Jul 19 05:41:28 2017 +0100 @@ -30,7 +30,7 @@ * file and, per its terms, should not be removed: * * Last changed in libpng 1.6.8 [December 19, 2013] - * Copyright (c) 1998-2013 Glenn Randers-Pehrson + * Copyright (c) 1998-2002,2004,2006-2013 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) *
--- a/src/share/native/sun/awt/libpng/pngerror.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngerror.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.26 [October 20, 2016] + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -54,7 +54,7 @@ #ifdef PNG_WARNINGS_SUPPORTED static void /* PRIVATE */ png_default_warning PNGARG((png_const_structrp png_ptr, - png_const_charp warning_message)); + png_const_charp warning_message)); #endif /* WARNINGS */ /* This function is called whenever there is a fatal error. This function @@ -65,14 +65,14 @@ #ifdef PNG_ERROR_TEXT_SUPPORTED PNG_FUNCTION(void,PNGAPI png_error,(png_const_structrp png_ptr, png_const_charp error_message), - PNG_NORETURN) + PNG_NORETURN) { #ifdef PNG_ERROR_NUMBERS_SUPPORTED char msg[16]; if (png_ptr != NULL) { if ((png_ptr->flags & - (PNG_FLAG_STRIP_ERROR_NUMBERS|PNG_FLAG_STRIP_ERROR_TEXT)) != 0 + (PNG_FLAG_STRIP_ERROR_NUMBERS|PNG_FLAG_STRIP_ERROR_TEXT)) != 0) { if (*error_message == PNG_LITERAL_SHARP) { @@ -93,18 +93,18 @@ else error_message += offset; - } + } - else - { - if ((png_ptr->flags & PNG_FLAG_STRIP_ERROR_TEXT) != 0) + else { - msg[0] = '0'; - msg[1] = '\0'; - error_message = msg; + if ((png_ptr->flags & PNG_FLAG_STRIP_ERROR_TEXT) != 0) + { + msg[0] = '0'; + msg[1] = '\0'; + error_message = msg; + } } - } - } + } } #endif if (png_ptr != NULL && png_ptr->error_fn != NULL) @@ -138,7 +138,7 @@ */ size_t png_safecat(png_charp buffer, size_t bufsize, size_t pos, - png_const_charp string) + png_const_charp string) { if (buffer != NULL && pos < bufsize) { @@ -159,7 +159,7 @@ */ png_charp png_format_number(png_const_charp start, png_charp end, int format, - png_alloc_size_t number) + png_alloc_size_t number) { int count = 0; /* number of digits output */ int mincount = 1; /* minimum number required */ @@ -261,7 +261,7 @@ } if (png_ptr != NULL && png_ptr->warning_fn != NULL) (*(png_ptr->warning_fn))(png_constcast(png_structrp,png_ptr), - warning_message + offset); + warning_message + offset); else png_default_warning(png_ptr, warning_message + offset); } @@ -273,7 +273,7 @@ */ void png_warning_parameter(png_warning_parameters p, int number, - png_const_charp string) + png_const_charp string) { if (number > 0 && number <= PNG_WARNING_PARAMETER_COUNT) (void)png_safecat(p[number-1], (sizeof p[number-1]), 0, string); @@ -281,7 +281,7 @@ void png_warning_parameter_unsigned(png_warning_parameters p, int number, int format, - png_alloc_size_t value) + png_alloc_size_t value) { char buffer[PNG_NUMBER_BUFFER_SIZE]; png_warning_parameter(p, number, PNG_FORMAT_NUMBER(buffer, format, value)); @@ -289,7 +289,7 @@ void png_warning_parameter_signed(png_warning_parameters p, int number, int format, - png_int_32 value) + png_int_32 value) { png_alloc_size_t u; png_charp str; @@ -310,7 +310,7 @@ void png_formatted_warning(png_const_structrp png_ptr, png_warning_parameters p, - png_const_charp message) + png_const_charp message) { /* The internal buffer is just 192 bytes - enough for all our messages, * overflow doesn't happen because this code checks! If someone figures @@ -419,10 +419,10 @@ void /* PRIVATE */ png_app_warning(png_const_structrp png_ptr, png_const_charp error_message) { - if ((png_ptr->flags & PNG_FLAG_APP_WARNINGS_WARN) != 0) - png_warning(png_ptr, error_message); - else - png_error(png_ptr, error_message); + if ((png_ptr->flags & PNG_FLAG_APP_WARNINGS_WARN) != 0) + png_warning(png_ptr, error_message); + else + png_error(png_ptr, error_message); # ifndef PNG_ERROR_TEXT_SUPPORTED PNG_UNUSED(error_message) @@ -432,10 +432,10 @@ void /* PRIVATE */ png_app_error(png_const_structrp png_ptr, png_const_charp error_message) { - if ((png_ptr->flags & PNG_FLAG_APP_ERRORS_WARN) != 0) - png_warning(png_ptr, error_message); - else - png_error(png_ptr, error_message); + if ((png_ptr->flags & PNG_FLAG_APP_ERRORS_WARN) != 0) + png_warning(png_ptr, error_message); + else + png_error(png_ptr, error_message); # ifndef PNG_ERROR_TEXT_SUPPORTED PNG_UNUSED(error_message) @@ -506,7 +506,7 @@ #if defined(PNG_READ_SUPPORTED) && defined(PNG_ERROR_TEXT_SUPPORTED) PNG_FUNCTION(void,PNGAPI png_chunk_error,(png_const_structrp png_ptr, png_const_charp error_message), - PNG_NORETURN) + PNG_NORETURN) { char msg[18+PNG_MAX_ERROR_TEXT]; if (png_ptr == NULL) @@ -601,7 +601,7 @@ { # define fixed_message "fixed point overflow in " # define fixed_message_ln ((sizeof fixed_message)-1) - int iin; + unsigned int iin; char msg[fixed_message_ln+PNG_MAX_ERROR_TEXT]; memcpy(msg, fixed_message, fixed_message_ln); iin = 0; @@ -648,7 +648,7 @@ else { png_ptr->jmp_buf_ptr = png_voidcast(jmp_buf *, - png_malloc_warn(png_ptr, jmp_buf_size)); + png_malloc_warn(png_ptr, jmp_buf_size)); if (png_ptr->jmp_buf_ptr == NULL) return NULL; /* new NULL return on OOM */ @@ -737,7 +737,7 @@ */ static PNG_FUNCTION(void /* PRIVATE */, png_default_error,(png_const_structrp png_ptr, png_const_charp error_message), - PNG_NORETURN) + PNG_NORETURN) { #ifdef PNG_CONSOLE_IO_SUPPORTED #ifdef PNG_ERROR_NUMBERS_SUPPORTED @@ -911,7 +911,7 @@ */ PNG_FUNCTION(void /* PRIVATE */, (PNGCBAPI png_safe_error),(png_structp png_nonconst_ptr, png_const_charp error_message), - PNG_NORETURN) + PNG_NORETURN) { const png_const_structrp png_ptr = png_nonconst_ptr; png_imagep image = png_voidcast(png_imagep, png_ptr->error_ptr); @@ -934,7 +934,7 @@ /* Missing longjmp buffer, the following is to help debugging: */ { size_t pos = png_safecat(image->message, (sizeof image->message), 0, - "bad longjmp: "); + "bad longjmp: "); png_safecat(image->message, (sizeof image->message), pos, error_message); }
--- a/src/share/native/sun/awt/libpng/pngget.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngget.c Wed Jul 19 05:41:28 2017 +0100 @@ -28,9 +28,9 @@ * License version 2 only, as published by the Free Software Foundation. * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: - * - * Last changed in libpng 1.6.17 [March 26, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + + * Last changed in libpng 1.6.26 [October 20, 2016] + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -366,7 +366,7 @@ png_fixed_point result; if (ppm <= PNG_UINT_31_MAX && png_muldiv(&result, (png_int_32)ppm, 127, 5000) != 0) - return result; + return (png_uint_32)result; /* Overflow. */ return 0; @@ -484,11 +484,11 @@ return (retval); } #endif /* pHYs */ -#endif /* INCH_CONVERSIONS */ +#endif /* INCH_CONVERSIONS */ /* png_get_channels really belongs in here, too, but it's been around longer */ -#endif /* EASY_ACCESS */ +#endif /* EASY_ACCESS */ png_byte PNGAPI @@ -514,7 +514,7 @@ #ifdef PNG_bKGD_SUPPORTED png_uint_32 PNGAPI png_get_bKGD(png_const_structrp png_ptr, png_inforp info_ptr, - png_color_16p *background) + png_color_16p *background) { if (png_ptr != NULL && info_ptr != NULL && (info_ptr->valid & PNG_INFO_bKGD) != 0 && @@ -554,28 +554,28 @@ if (white_x != NULL) *white_x = png_float(png_ptr, - info_ptr->colorspace.end_points_xy.whitex, "cHRM white X"); + info_ptr->colorspace.end_points_xy.whitex, "cHRM white X"); if (white_y != NULL) *white_y = png_float(png_ptr, - info_ptr->colorspace.end_points_xy.whitey, "cHRM white Y"); + info_ptr->colorspace.end_points_xy.whitey, "cHRM white Y"); if (red_x != NULL) *red_x = png_float(png_ptr, info_ptr->colorspace.end_points_xy.redx, - "cHRM red X"); + "cHRM red X"); if (red_y != NULL) *red_y = png_float(png_ptr, info_ptr->colorspace.end_points_xy.redy, - "cHRM red Y"); + "cHRM red Y"); if (green_x != NULL) *green_x = png_float(png_ptr, - info_ptr->colorspace.end_points_xy.greenx, "cHRM green X"); + info_ptr->colorspace.end_points_xy.greenx, "cHRM green X"); if (green_y != NULL) *green_y = png_float(png_ptr, - info_ptr->colorspace.end_points_xy.greeny, "cHRM green Y"); + info_ptr->colorspace.end_points_xy.greeny, "cHRM green Y"); if (blue_x != NULL) *blue_x = png_float(png_ptr, info_ptr->colorspace.end_points_xy.bluex, - "cHRM blue X"); + "cHRM blue X"); if (blue_y != NULL) *blue_y = png_float(png_ptr, info_ptr->colorspace.end_points_xy.bluey, - "cHRM blue Y"); + "cHRM blue Y"); return (PNG_INFO_cHRM); } @@ -584,42 +584,42 @@ png_uint_32 PNGAPI png_get_cHRM_XYZ(png_const_structrp png_ptr, png_const_inforp info_ptr, - double *red_X, double *red_Y, double *red_Z, double *green_X, - double *green_Y, double *green_Z, double *blue_X, double *blue_Y, - double *blue_Z) + double *red_X, double *red_Y, double *red_Z, double *green_X, + double *green_Y, double *green_Z, double *blue_X, double *blue_Y, + double *blue_Z) { if (png_ptr != NULL && info_ptr != NULL && - (info_ptr->colorspace.flags & PNG_COLORSPACE_HAVE_ENDPOINTS) != 0) + (info_ptr->colorspace.flags & PNG_COLORSPACE_HAVE_ENDPOINTS) != 0) { png_debug1(1, "in %s retrieval function", "cHRM_XYZ(float)"); if (red_X != NULL) *red_X = png_float(png_ptr, info_ptr->colorspace.end_points_XYZ.red_X, - "cHRM red X"); + "cHRM red X"); if (red_Y != NULL) *red_Y = png_float(png_ptr, info_ptr->colorspace.end_points_XYZ.red_Y, - "cHRM red Y"); + "cHRM red Y"); if (red_Z != NULL) *red_Z = png_float(png_ptr, info_ptr->colorspace.end_points_XYZ.red_Z, - "cHRM red Z"); + "cHRM red Z"); if (green_X != NULL) *green_X = png_float(png_ptr, - info_ptr->colorspace.end_points_XYZ.green_X, "cHRM green X"); + info_ptr->colorspace.end_points_XYZ.green_X, "cHRM green X"); if (green_Y != NULL) *green_Y = png_float(png_ptr, - info_ptr->colorspace.end_points_XYZ.green_Y, "cHRM green Y"); + info_ptr->colorspace.end_points_XYZ.green_Y, "cHRM green Y"); if (green_Z != NULL) *green_Z = png_float(png_ptr, - info_ptr->colorspace.end_points_XYZ.green_Z, "cHRM green Z"); + info_ptr->colorspace.end_points_XYZ.green_Z, "cHRM green Z"); if (blue_X != NULL) *blue_X = png_float(png_ptr, - info_ptr->colorspace.end_points_XYZ.blue_X, "cHRM blue X"); + info_ptr->colorspace.end_points_XYZ.blue_X, "cHRM blue X"); if (blue_Y != NULL) *blue_Y = png_float(png_ptr, - info_ptr->colorspace.end_points_XYZ.blue_Y, "cHRM blue Y"); + info_ptr->colorspace.end_points_XYZ.blue_Y, "cHRM blue Y"); if (blue_Z != NULL) *blue_Z = png_float(png_ptr, - info_ptr->colorspace.end_points_XYZ.blue_Z, "cHRM blue Z"); + info_ptr->colorspace.end_points_XYZ.blue_Z, "cHRM blue Z"); return (PNG_INFO_cHRM); } @@ -709,8 +709,8 @@ png_debug1(1, "in %s retrieval function", "gAMA"); if (png_ptr != NULL && info_ptr != NULL && - (info_ptr->colorspace.flags & PNG_COLORSPACE_HAVE_GAMMA) != 0 && - file_gamma != NULL) + (info_ptr->colorspace.flags & PNG_COLORSPACE_HAVE_GAMMA) != 0 && + file_gamma != NULL) { *file_gamma = info_ptr->colorspace.gamma; return (PNG_INFO_gAMA); @@ -732,7 +732,7 @@ file_gamma != NULL) { *file_gamma = png_float(png_ptr, info_ptr->colorspace.gamma, - "png_get_gAMA"); + "png_get_gAMA"); return (PNG_INFO_gAMA); } @@ -929,7 +929,7 @@ */ *width = png_fixed(png_ptr, atof(info_ptr->scal_s_width), "sCAL width"); *height = png_fixed(png_ptr, atof(info_ptr->scal_s_height), - "sCAL height"); + "sCAL height"); return (PNG_INFO_sCAL); } @@ -1170,19 +1170,19 @@ return 0; #ifdef PNG_WRITE_SUPPORTED - if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) + if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) #endif { #ifdef PNG_SEQUENTIAL_READ_SUPPORTED - return png_ptr->IDAT_read_size; + return png_ptr->IDAT_read_size; #else - return PNG_IDAT_READ_SIZE; + return PNG_IDAT_READ_SIZE; #endif } #ifdef PNG_WRITE_SUPPORTED - else - return png_ptr->zbuffer_size; + else + return png_ptr->zbuffer_size; #endif }
--- a/src/share/native/sun/awt/libpng/pnginfo.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pnginfo.h Wed Jul 19 05:41:28 2017 +0100 @@ -30,7 +30,7 @@ * file and, per its terms, should not be removed: * * Last changed in libpng 1.6.1 [March 28, 2013] - * Copyright (c) 1998-2013 Glenn Randers-Pehrson + * Copyright (c) 1998-2002,2004,2006-2013 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) *
--- a/src/share/native/sun/awt/libpng/pnglibconf.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pnglibconf.h Wed Jul 19 05:41:28 2017 +0100 @@ -27,16 +27,15 @@ /* libpng STANDARD API DEFINITION */ /* pnglibconf.h - library build configuration */ - /* This file is available under and governed by the GNU General Public * License version 2 only, as published by the Free Software Foundation. * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: */ -/* libpng version 1.6.20, December 3, 2015 */ +/* libpng version 1.6.28, January 5, 2017 */ -/* Copyright (c) 1998-2014 Glenn Randers-Pehrson */ +/* Copyright (c) 1998-2016 Glenn Randers-Pehrson */ /* This code is released under the libpng license. */ /* For conditions of distribution and use, see the disclaimer */ @@ -84,7 +83,7 @@ #define PNG_READ_BGR_SUPPORTED #define PNG_READ_CHECK_FOR_INVALID_INDEX_SUPPORTED #define PNG_READ_COMPOSITE_NODIV_SUPPORTED -#define PNG_READ_COMPRESSED_TEXT_SUPPORTED +/*#undef PNG_READ_COMPRESSED_TEXT_SUPPORTED*/ #define PNG_READ_EXPAND_16_SUPPORTED #define PNG_READ_EXPAND_SUPPORTED #define PNG_READ_FILLER_SUPPORTED @@ -116,8 +115,8 @@ #define PNG_READ_cHRM_SUPPORTED #define PNG_READ_gAMA_SUPPORTED #define PNG_READ_hIST_SUPPORTED -#define PNG_READ_iCCP_SUPPORTED -#define PNG_READ_iTXt_SUPPORTED +/*#undef PNG_READ_iCCP_SUPPORTED*/ +/*#undef PNG_READ_iTXt_SUPPORTED*/ #define PNG_READ_oFFs_SUPPORTED #define PNG_READ_pCAL_SUPPORTED #define PNG_READ_pHYs_SUPPORTED @@ -128,7 +127,7 @@ #define PNG_READ_tEXt_SUPPORTED #define PNG_READ_tIME_SUPPORTED #define PNG_READ_tRNS_SUPPORTED -#define PNG_READ_zTXt_SUPPORTED +/*#undef PNG_READ_zTXt_SUPPORTED*/ /*#undef PNG_SAVE_INT_32_SUPPORTED*/ #define PNG_SAVE_UNKNOWN_CHUNKS_SUPPORTED #define PNG_SEQUENTIAL_READ_SUPPORTED @@ -141,6 +140,7 @@ #define PNG_SIMPLIFIED_READ_SUPPORTED /*#undef PNG_SIMPLIFIED_WRITE_AFIRST_SUPPORTED*/ /*#undef PNG_SIMPLIFIED_WRITE_BGR_SUPPORTED*/ +/*#undef PNG_SIMPLIFIED_WRITE_STDIO_SUPPORTED*/ /*#undef PNG_SIMPLIFIED_WRITE_SUPPORTED*/ #define PNG_STDIO_SUPPORTED #define PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED @@ -231,10 +231,10 @@ #define PNG_QUANTIZE_RED_BITS 5 #define PNG_TEXT_Z_DEFAULT_COMPRESSION (-1) #define PNG_TEXT_Z_DEFAULT_STRATEGY 0 -#define PNG_USER_CHUNK_CACHE_MAX 0 -#define PNG_USER_CHUNK_MALLOC_MAX 0 -#define PNG_USER_HEIGHT_MAX 1000000 -#define PNG_USER_WIDTH_MAX 1000000 +#define PNG_USER_CHUNK_CACHE_MAX 1000 +#define PNG_USER_CHUNK_MALLOC_MAX 8000000 +#define PNG_USER_HEIGHT_MAX 8000 +#define PNG_USER_WIDTH_MAX 8000 #define PNG_ZBUF_SIZE 8192 #define PNG_ZLIB_VERNUM 0 #define PNG_Z_DEFAULT_COMPRESSION (-1)
--- a/src/share/native/sun/awt/libpng/pngmem.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngmem.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.26 [October 20, 2016] + * Copyright (c) 1998-2002,2004,2006-2014,2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -94,7 +94,7 @@ */ PNG_FUNCTION(png_voidp /* PRIVATE */, png_malloc_base,(png_const_structrp png_ptr, png_alloc_size_t size), - PNG_ALLOCATED) + PNG_ALLOCATED) { /* Moved to png_malloc_base from png_malloc_default in 1.6.0; the DOS * allocators have also been removed in 1.6.0, so any 16-bit system now has @@ -135,9 +135,9 @@ */ static png_voidp png_malloc_array_checked(png_const_structrp png_ptr, int nelements, - size_t element_size) + size_t element_size) { - png_alloc_size_t req = nelements; /* known to be > 0 */ + png_alloc_size_t req = (png_alloc_size_t)nelements; /* known to be > 0 */ if (req <= PNG_SIZE_MAX/element_size) return png_malloc_base(png_ptr, req * element_size); @@ -148,7 +148,7 @@ PNG_FUNCTION(png_voidp /* PRIVATE */, png_malloc_array,(png_const_structrp png_ptr, int nelements, - size_t element_size),PNG_ALLOCATED) + size_t element_size),PNG_ALLOCATED) { if (nelements <= 0 || element_size == 0) png_error(png_ptr, "internal error: array alloc"); @@ -158,7 +158,7 @@ PNG_FUNCTION(png_voidp /* PRIVATE */, png_realloc_array,(png_const_structrp png_ptr, png_const_voidp old_array, - int old_elements, int add_elements, size_t element_size),PNG_ALLOCATED) + int old_elements, int add_elements, size_t element_size),PNG_ALLOCATED) { /* These are internal errors: */ if (add_elements <= 0 || element_size == 0 || old_elements < 0 || @@ -171,7 +171,7 @@ if (add_elements <= INT_MAX - old_elements) { png_voidp new_array = png_malloc_array_checked(png_ptr, - old_elements+add_elements, element_size); + old_elements+add_elements, element_size); if (new_array != NULL) { @@ -182,7 +182,7 @@ memcpy(new_array, old_array, element_size*(unsigned)old_elements); memset((char*)new_array + element_size*(unsigned)old_elements, 0, - element_size*(unsigned)add_elements); + element_size*(unsigned)add_elements); return new_array; } @@ -215,7 +215,7 @@ #ifdef PNG_USER_MEM_SUPPORTED PNG_FUNCTION(png_voidp,PNGAPI png_malloc_default,(png_const_structrp png_ptr, png_alloc_size_t size), - PNG_ALLOCATED PNG_DEPRECATED) + PNG_ALLOCATED PNG_DEPRECATED) { png_voidp ret; @@ -238,7 +238,7 @@ */ PNG_FUNCTION(png_voidp,PNGAPI png_malloc_warn,(png_const_structrp png_ptr, png_alloc_size_t size), - PNG_ALLOCATED) + PNG_ALLOCATED) { if (png_ptr != NULL) {
--- a/src/share/native/sun/awt/libpng/pngpread.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngpread.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.18 [July 23, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.24 [August 4, 2016] + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -105,11 +105,11 @@ png_uint_32 PNGAPI png_process_data_skip(png_structrp png_ptr) { - /* TODO: Deprecate and remove this API. - * Somewhere the implementation of this seems to have been lost, - * or abandoned. It was only to support some internal back-door access - * to png_struct) in libpng-1.4.x. - */ +/* TODO: Deprecate and remove this API. + * Somewhere the implementation of this seems to have been lost, + * or abandoned. It was only to support some internal back-door access + * to png_struct) in libpng-1.4.x. + */ png_app_warning(png_ptr, "png_process_data_skip is not implemented in any current version of libpng"); return 0; @@ -238,12 +238,14 @@ (png_ptr->mode & PNG_HAVE_PLTE) == 0) png_error(png_ptr, "Missing PLTE before IDAT"); - png_ptr->mode |= PNG_HAVE_IDAT; png_ptr->process_mode = PNG_READ_IDAT_MODE; - if ((png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT) == 0) - if (png_ptr->push_length == 0) - return; + if ((png_ptr->mode & PNG_HAVE_IDAT) != 0) + if ((png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT) == 0) + if (png_ptr->push_length == 0) + return; + + png_ptr->mode |= PNG_HAVE_IDAT; if ((png_ptr->mode & PNG_AFTER_IDAT) != 0) png_benign_error(png_ptr, "Too many IDATs found"); @@ -436,7 +438,7 @@ { PNG_PUSH_SAVE_BUFFER_IF_FULL png_handle_unknown(png_ptr, info_ptr, png_ptr->push_length, - PNG_HANDLE_CHUNK_AS_DEFAULT); + PNG_HANDLE_CHUNK_AS_DEFAULT); } png_ptr->mode &= ~PNG_HAVE_CHUNK_HEADER; @@ -527,7 +529,10 @@ png_error(png_ptr, "Insufficient memory for save_buffer"); } - memcpy(png_ptr->save_buffer, old_buffer, png_ptr->save_buffer_size); + if (old_buffer) + memcpy(png_ptr->save_buffer, old_buffer, png_ptr->save_buffer_size); + else if (png_ptr->save_buffer_size) + png_error(png_ptr, "save_buffer error"); png_free(png_ptr, old_buffer); png_ptr->save_buffer_max = new_max; } @@ -544,7 +549,7 @@ void /* PRIVATE */ png_push_restore_buffer(png_structrp png_ptr, png_bytep buffer, - png_size_t buffer_length) + png_size_t buffer_length) { png_ptr->current_buffer = buffer; png_ptr->current_buffer_size = buffer_length; @@ -647,7 +652,7 @@ void /* PRIVATE */ png_process_IDAT_data(png_structrp png_ptr, png_bytep buffer, - png_size_t buffer_length) + png_size_t buffer_length) { /* The caller checks for a non-zero buffer length. */ if (!(buffer_length > 0) || buffer == NULL) @@ -707,7 +712,12 @@ png_warning(png_ptr, "Truncated compressed data in IDAT"); else - png_error(png_ptr, "Decompression error in IDAT"); + { + if (ret == Z_DATA_ERROR) + png_benign_error(png_ptr, "IDAT: ADLER32 checksum mismatch"); + else + png_error(png_ptr, "Decompression error in IDAT"); + } /* Skip the check on unprocessed input */ return; @@ -805,7 +815,7 @@ { if (png_ptr->pass < 6) png_do_read_interlace(&row_info, png_ptr->row_buf + 1, png_ptr->pass, - png_ptr->transformations); + png_ptr->transformations); switch (png_ptr->pass) { @@ -1067,7 +1077,7 @@ { if (png_ptr->row_fn != NULL) (*(png_ptr->row_fn))(png_ptr, row, png_ptr->row_number, - (int)png_ptr->pass); + (int)png_ptr->pass); } #ifdef PNG_READ_INTERLACING_SUPPORTED
--- a/src/share/native/sun/awt/libpng/pngpriv.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngpriv.h Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.18 [July 23, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.26 [October 20, 2016] + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -210,6 +210,35 @@ # endif #endif /* PNG_ARM_NEON_OPT > 0 */ +#ifndef PNG_MIPS_MSA_OPT +# if defined(__mips_msa) && (__mips_isa_rev >= 5) && defined(PNG_ALIGNED_MEMORY_SUPPORTED) +# define PNG_MIPS_MSA_OPT 2 +# else +# define PNG_MIPS_MSA_OPT 0 +# endif +#endif + +#if PNG_MIPS_MSA_OPT > 0 +# define PNG_FILTER_OPTIMIZATIONS png_init_filter_functions_msa +# ifndef PNG_MIPS_MSA_IMPLEMENTATION +# if defined(__mips_msa) +# if defined(__clang__) +# elif defined(__GNUC__) +# if __GNUC__ < 4 || (__GNUC__ == 4 && __GNUC_MINOR__ < 7) +# define PNG_MIPS_MSA_IMPLEMENTATION 2 +# endif /* no GNUC support */ +# endif /* __GNUC__ */ +# else /* !defined __mips_msa */ +# define PNG_MIPS_MSA_IMPLEMENTATION 2 +# endif /* __mips_msa */ +# endif /* !PNG_MIPS_MSA_IMPLEMENTATION */ + +# ifndef PNG_MIPS_MSA_IMPLEMENTATION +# define PNG_MIPS_MSA_IMPLEMENTATION 1 +# endif +#endif /* PNG_MIPS_MSA_OPT > 0 */ + + /* Is this a build of a DLL where compilation of the object modules requires * different preprocessor settings to those required for a simple library? If * so PNG_BUILD_DLL must be set. @@ -448,10 +477,10 @@ # if (defined(__MWERKS__) && defined(macintosh)) || defined(applec) || \ defined(THINK_C) || defined(__SC__) || defined(TARGET_OS_MAC) - /* We need to check that <math.h> hasn't already been included earlier - * as it seems it doesn't agree with <fp.h>, yet we should really use - * <fp.h> if possible. - */ + /* We need to check that <math.h> hasn't already been included earlier + * as it seems it doesn't agree with <fp.h>, yet we should really use + * <fp.h> if possible. + */ # if !defined(__MATH_H__) && !defined(__MATH_H) && !defined(__cmath__) # include <fp.h> # endif @@ -459,9 +488,9 @@ # include <math.h> # endif # if defined(_AMIGA) && defined(__SASC) && defined(_M68881) - /* Amiga SAS/C: We must include builtin FPU functions when compiling using - * MATH=68881 - */ + /* Amiga SAS/C: We must include builtin FPU functions when compiling using + * MATH=68881 + */ # include <m68881.h> # endif #endif @@ -532,7 +561,8 @@ /* This implicitly assumes alignment is always to a power of 2. */ #ifdef png_alignof # define png_isaligned(ptr, type)\ - ((((const char*)ptr-(const char*)0) & (png_alignof(type)-1)) == 0) + (((type)((const char*)ptr-(const char*)0) & \ + (type)(png_alignof(type)-1)) == 0) #else # define png_isaligned(ptr, type) 0 #endif @@ -549,92 +579,92 @@ * are defined in png.h because they need to be visible to applications * that call png_set_unknown_chunk(). */ -/* #define PNG_HAVE_IHDR 0x01 (defined in png.h) */ -/* #define PNG_HAVE_PLTE 0x02 (defined in png.h) */ -#define PNG_HAVE_IDAT 0x04 -/* #define PNG_AFTER_IDAT 0x08 (defined in png.h) */ -#define PNG_HAVE_IEND 0x10 - /* 0x20 (unused) */ - /* 0x40 (unused) */ - /* 0x80 (unused) */ -#define PNG_HAVE_CHUNK_HEADER 0x100 -#define PNG_WROTE_tIME 0x200 -#define PNG_WROTE_INFO_BEFORE_PLTE 0x400 -#define PNG_BACKGROUND_IS_GRAY 0x800 -#define PNG_HAVE_PNG_SIGNATURE 0x1000 -#define PNG_HAVE_CHUNK_AFTER_IDAT 0x2000 /* Have another chunk after IDAT */ - /* 0x4000 (unused) */ -#define PNG_IS_READ_STRUCT 0x8000 /* Else is a write struct */ +/* #define PNG_HAVE_IHDR 0x01U (defined in png.h) */ +/* #define PNG_HAVE_PLTE 0x02U (defined in png.h) */ +#define PNG_HAVE_IDAT 0x04U +/* #define PNG_AFTER_IDAT 0x08U (defined in png.h) */ +#define PNG_HAVE_IEND 0x10U + /* 0x20U (unused) */ + /* 0x40U (unused) */ + /* 0x80U (unused) */ +#define PNG_HAVE_CHUNK_HEADER 0x100U +#define PNG_WROTE_tIME 0x200U +#define PNG_WROTE_INFO_BEFORE_PLTE 0x400U +#define PNG_BACKGROUND_IS_GRAY 0x800U +#define PNG_HAVE_PNG_SIGNATURE 0x1000U +#define PNG_HAVE_CHUNK_AFTER_IDAT 0x2000U /* Have another chunk after IDAT */ + /* 0x4000U (unused) */ +#define PNG_IS_READ_STRUCT 0x8000U /* Else is a write struct */ /* Flags for the transformations the PNG library does on the image data */ -#define PNG_BGR 0x0001 -#define PNG_INTERLACE 0x0002 -#define PNG_PACK 0x0004 -#define PNG_SHIFT 0x0008 -#define PNG_SWAP_BYTES 0x0010 -#define PNG_INVERT_MONO 0x0020 -#define PNG_QUANTIZE 0x0040 -#define PNG_COMPOSE 0x0080 /* Was PNG_BACKGROUND */ -#define PNG_BACKGROUND_EXPAND 0x0100 -#define PNG_EXPAND_16 0x0200 /* Added to libpng 1.5.2 */ -#define PNG_16_TO_8 0x0400 /* Becomes 'chop' in 1.5.4 */ -#define PNG_RGBA 0x0800 -#define PNG_EXPAND 0x1000 -#define PNG_GAMMA 0x2000 -#define PNG_GRAY_TO_RGB 0x4000 -#define PNG_FILLER 0x8000 -#define PNG_PACKSWAP 0x10000 -#define PNG_SWAP_ALPHA 0x20000 -#define PNG_STRIP_ALPHA 0x40000 -#define PNG_INVERT_ALPHA 0x80000 -#define PNG_USER_TRANSFORM 0x100000 -#define PNG_RGB_TO_GRAY_ERR 0x200000 -#define PNG_RGB_TO_GRAY_WARN 0x400000 -#define PNG_RGB_TO_GRAY 0x600000 /* two bits, RGB_TO_GRAY_ERR|WARN */ -#define PNG_ENCODE_ALPHA 0x800000 /* Added to libpng-1.5.4 */ -#define PNG_ADD_ALPHA 0x1000000 /* Added to libpng-1.2.7 */ -#define PNG_EXPAND_tRNS 0x2000000 /* Added to libpng-1.2.9 */ -#define PNG_SCALE_16_TO_8 0x4000000 /* Added to libpng-1.5.4 */ - /* 0x8000000 unused */ - /* 0x10000000 unused */ - /* 0x20000000 unused */ - /* 0x40000000 unused */ +#define PNG_BGR 0x0001U +#define PNG_INTERLACE 0x0002U +#define PNG_PACK 0x0004U +#define PNG_SHIFT 0x0008U +#define PNG_SWAP_BYTES 0x0010U +#define PNG_INVERT_MONO 0x0020U +#define PNG_QUANTIZE 0x0040U +#define PNG_COMPOSE 0x0080U /* Was PNG_BACKGROUND */ +#define PNG_BACKGROUND_EXPAND 0x0100U +#define PNG_EXPAND_16 0x0200U /* Added to libpng 1.5.2 */ +#define PNG_16_TO_8 0x0400U /* Becomes 'chop' in 1.5.4 */ +#define PNG_RGBA 0x0800U +#define PNG_EXPAND 0x1000U +#define PNG_GAMMA 0x2000U +#define PNG_GRAY_TO_RGB 0x4000U +#define PNG_FILLER 0x8000U +#define PNG_PACKSWAP 0x10000U +#define PNG_SWAP_ALPHA 0x20000U +#define PNG_STRIP_ALPHA 0x40000U +#define PNG_INVERT_ALPHA 0x80000U +#define PNG_USER_TRANSFORM 0x100000U +#define PNG_RGB_TO_GRAY_ERR 0x200000U +#define PNG_RGB_TO_GRAY_WARN 0x400000U +#define PNG_RGB_TO_GRAY 0x600000U /* two bits, RGB_TO_GRAY_ERR|WARN */ +#define PNG_ENCODE_ALPHA 0x800000U /* Added to libpng-1.5.4 */ +#define PNG_ADD_ALPHA 0x1000000U /* Added to libpng-1.2.7 */ +#define PNG_EXPAND_tRNS 0x2000000U /* Added to libpng-1.2.9 */ +#define PNG_SCALE_16_TO_8 0x4000000U /* Added to libpng-1.5.4 */ + /* 0x8000000U unused */ + /* 0x10000000U unused */ + /* 0x20000000U unused */ + /* 0x40000000U unused */ /* Flags for png_create_struct */ -#define PNG_STRUCT_PNG 0x0001 -#define PNG_STRUCT_INFO 0x0002 +#define PNG_STRUCT_PNG 0x0001U +#define PNG_STRUCT_INFO 0x0002U /* Flags for the png_ptr->flags rather than declaring a byte for each one */ -#define PNG_FLAG_ZLIB_CUSTOM_STRATEGY 0x0001 -#define PNG_FLAG_ZSTREAM_INITIALIZED 0x0002 /* Added to libpng-1.6.0 */ - /* 0x0004 unused */ -#define PNG_FLAG_ZSTREAM_ENDED 0x0008 /* Added to libpng-1.6.0 */ - /* 0x0010 unused */ - /* 0x0020 unused */ -#define PNG_FLAG_ROW_INIT 0x0040 -#define PNG_FLAG_FILLER_AFTER 0x0080 -#define PNG_FLAG_CRC_ANCILLARY_USE 0x0100 -#define PNG_FLAG_CRC_ANCILLARY_NOWARN 0x0200 -#define PNG_FLAG_CRC_CRITICAL_USE 0x0400 -#define PNG_FLAG_CRC_CRITICAL_IGNORE 0x0800 -#define PNG_FLAG_ASSUME_sRGB 0x1000 /* Added to libpng-1.5.4 */ -#define PNG_FLAG_OPTIMIZE_ALPHA 0x2000 /* Added to libpng-1.5.4 */ -#define PNG_FLAG_DETECT_UNINITIALIZED 0x4000 /* Added to libpng-1.5.4 */ -/* #define PNG_FLAG_KEEP_UNKNOWN_CHUNKS 0x8000 */ -/* #define PNG_FLAG_KEEP_UNSAFE_CHUNKS 0x10000 */ -#define PNG_FLAG_LIBRARY_MISMATCH 0x20000 -#define PNG_FLAG_STRIP_ERROR_NUMBERS 0x40000 -#define PNG_FLAG_STRIP_ERROR_TEXT 0x80000 -#define PNG_FLAG_BENIGN_ERRORS_WARN 0x100000 /* Added to libpng-1.4.0 */ -#define PNG_FLAG_APP_WARNINGS_WARN 0x200000 /* Added to libpng-1.6.0 */ -#define PNG_FLAG_APP_ERRORS_WARN 0x400000 /* Added to libpng-1.6.0 */ - /* 0x800000 unused */ - /* 0x1000000 unused */ - /* 0x2000000 unused */ - /* 0x4000000 unused */ - /* 0x8000000 unused */ - /* 0x10000000 unused */ - /* 0x20000000 unused */ - /* 0x40000000 unused */ +#define PNG_FLAG_ZLIB_CUSTOM_STRATEGY 0x0001U +#define PNG_FLAG_ZSTREAM_INITIALIZED 0x0002U /* Added to libpng-1.6.0 */ + /* 0x0004U unused */ +#define PNG_FLAG_ZSTREAM_ENDED 0x0008U /* Added to libpng-1.6.0 */ + /* 0x0010U unused */ + /* 0x0020U unused */ +#define PNG_FLAG_ROW_INIT 0x0040U +#define PNG_FLAG_FILLER_AFTER 0x0080U +#define PNG_FLAG_CRC_ANCILLARY_USE 0x0100U +#define PNG_FLAG_CRC_ANCILLARY_NOWARN 0x0200U +#define PNG_FLAG_CRC_CRITICAL_USE 0x0400U +#define PNG_FLAG_CRC_CRITICAL_IGNORE 0x0800U +#define PNG_FLAG_ASSUME_sRGB 0x1000U /* Added to libpng-1.5.4 */ +#define PNG_FLAG_OPTIMIZE_ALPHA 0x2000U /* Added to libpng-1.5.4 */ +#define PNG_FLAG_DETECT_UNINITIALIZED 0x4000U /* Added to libpng-1.5.4 */ +/* #define PNG_FLAG_KEEP_UNKNOWN_CHUNKS 0x8000U */ +/* #define PNG_FLAG_KEEP_UNSAFE_CHUNKS 0x10000U */ +#define PNG_FLAG_LIBRARY_MISMATCH 0x20000U +#define PNG_FLAG_STRIP_ERROR_NUMBERS 0x40000U +#define PNG_FLAG_STRIP_ERROR_TEXT 0x80000U +#define PNG_FLAG_BENIGN_ERRORS_WARN 0x100000U /* Added to libpng-1.4.0 */ +#define PNG_FLAG_APP_WARNINGS_WARN 0x200000U /* Added to libpng-1.6.0 */ +#define PNG_FLAG_APP_ERRORS_WARN 0x400000U /* Added to libpng-1.6.0 */ + /* 0x800000U unused */ + /* 0x1000000U unused */ + /* 0x2000000U unused */ + /* 0x4000000U unused */ + /* 0x8000000U unused */ + /* 0x10000000U unused */ + /* 0x20000000U unused */ + /* 0x40000000U unused */ #define PNG_FLAG_CRC_ANCILLARY_MASK (PNG_FLAG_CRC_ANCILLARY_USE | \ PNG_FLAG_CRC_ANCILLARY_NOWARN) @@ -668,6 +698,24 @@ ((png_size_t)(width) * (((png_size_t)(pixel_bits)) >> 3)) : \ (( ((png_size_t)(width) * ((png_size_t)(pixel_bits))) + 7) >> 3) ) +/* This returns the number of trailing bits in the last byte of a row, 0 if the + * last byte is completely full of pixels. It is, in principle, (pixel_bits x + * width) % 8, but that would overflow for large 'width'. The second macro is + * the same except that it returns the number of unused bits in the last byte; + * (8-TRAILBITS), but 0 when TRAILBITS is 0. + * + * NOTE: these macros are intended to be self-evidently correct and never + * overflow on the assumption that pixel_bits is in the range 0..255. The + * arguments are evaluated only once and they can be signed (e.g. as a result of + * the integral promotions). The result of the expression always has type + * (png_uint_32), however the compiler always knows it is in the range 0..7. + */ +#define PNG_TRAILBITS(pixel_bits, width) \ + (((pixel_bits) * ((width) % (png_uint_32)8)) % 8) + +#define PNG_PADBITS(pixel_bits, width) \ + ((8 - PNG_TRAILBITS(pixel_bits, width)) % 8) + /* PNG_OUT_OF_RANGE returns true if value is outside the range * ideal-delta..ideal+delta. Each argument is evaluated twice. * "ideal" and "delta" should be constants, normally simple @@ -1053,7 +1101,7 @@ #ifdef PNG_WRITE_cHRM_SUPPORTED PNG_INTERNAL_FUNCTION(void,png_write_cHRM_fixed,(png_structrp png_ptr, const png_xy *xy), PNG_EMPTY); - /* The xy value must have been previously validated */ + /* The xy value must have been previously validated */ #endif #ifdef PNG_WRITE_sRGB_SUPPORTED @@ -1202,6 +1250,7 @@ PNG_INTERNAL_FUNCTION(void,png_read_filter_row,(png_structrp pp, png_row_infop row_info, png_bytep row, png_const_bytep prev_row, int filter),PNG_EMPTY); +#if PNG_ARM_NEON_OPT > 0 PNG_INTERNAL_FUNCTION(void,png_read_filter_row_up_neon,(png_row_infop row_info, png_bytep row, png_const_bytep prev_row),PNG_EMPTY); PNG_INTERNAL_FUNCTION(void,png_read_filter_row_sub3_neon,(png_row_infop @@ -1216,6 +1265,24 @@ row_info, png_bytep row, png_const_bytep prev_row),PNG_EMPTY); PNG_INTERNAL_FUNCTION(void,png_read_filter_row_paeth4_neon,(png_row_infop row_info, png_bytep row, png_const_bytep prev_row),PNG_EMPTY); +#endif + +#if PNG_MIPS_MSA_OPT > 0 +PNG_INTERNAL_FUNCTION(void,png_read_filter_row_up_msa,(png_row_infop row_info, + png_bytep row, png_const_bytep prev_row),PNG_EMPTY); +PNG_INTERNAL_FUNCTION(void,png_read_filter_row_sub3_msa,(png_row_infop + row_info, png_bytep row, png_const_bytep prev_row),PNG_EMPTY); +PNG_INTERNAL_FUNCTION(void,png_read_filter_row_sub4_msa,(png_row_infop + row_info, png_bytep row, png_const_bytep prev_row),PNG_EMPTY); +PNG_INTERNAL_FUNCTION(void,png_read_filter_row_avg3_msa,(png_row_infop + row_info, png_bytep row, png_const_bytep prev_row),PNG_EMPTY); +PNG_INTERNAL_FUNCTION(void,png_read_filter_row_avg4_msa,(png_row_infop + row_info, png_bytep row, png_const_bytep prev_row),PNG_EMPTY); +PNG_INTERNAL_FUNCTION(void,png_read_filter_row_paeth3_msa,(png_row_infop + row_info, png_bytep row, png_const_bytep prev_row),PNG_EMPTY); +PNG_INTERNAL_FUNCTION(void,png_read_filter_row_paeth4_msa,(png_row_infop + row_info, png_bytep row, png_const_bytep prev_row),PNG_EMPTY); +#endif /* Choose the best filter to use and filter the row data */ PNG_INTERNAL_FUNCTION(void,png_write_find_filter,(png_structrp png_ptr, @@ -1243,7 +1310,7 @@ /* Initialize the row buffers, etc. */ PNG_INTERNAL_FUNCTION(void,png_read_start_row,(png_structrp png_ptr),PNG_EMPTY); -#if PNG_ZLIB_VERNUM >= 0x1240 +#if ZLIB_VERNUM >= 0x1240 PNG_INTERNAL_FUNCTION(int,png_zlib_inflate,(png_structrp png_ptr, int flush), PNG_EMPTY); # define PNG_INFLATE(pp, flush) png_zlib_inflate(pp, flush) @@ -1441,7 +1508,7 @@ PNG_INTERNAL_FUNCTION(void,png_push_have_end,(png_structrp png_ptr, png_inforp info_ptr),PNG_EMPTY); PNG_INTERNAL_FUNCTION(void,png_push_have_row,(png_structrp png_ptr, - png_bytep row),PNG_EMPTY); + png_bytep row),PNG_EMPTY); PNG_INTERNAL_FUNCTION(void,png_push_read_end,(png_structrp png_ptr, png_inforp info_ptr),PNG_EMPTY); PNG_INTERNAL_FUNCTION(void,png_process_some_data,(png_structrp png_ptr, @@ -1480,13 +1547,13 @@ PNG_INTERNAL_FUNCTION(void,png_colorspace_sync_info,(png_const_structrp png_ptr, png_inforp info_ptr), PNG_EMPTY); - /* Synchronize the info 'valid' flags with the colorspace */ + /* Synchronize the info 'valid' flags with the colorspace */ PNG_INTERNAL_FUNCTION(void,png_colorspace_sync,(png_const_structrp png_ptr, png_inforp info_ptr), PNG_EMPTY); - /* Copy the png_struct colorspace to the info_struct and call the above to - * synchronize the flags. Checks for NULL info_ptr and does nothing. - */ + /* Copy the png_struct colorspace to the info_struct and call the above to + * synchronize the flags. Checks for NULL info_ptr and does nothing. + */ #endif /* Added at libpng version 1.4.0 */ @@ -1520,9 +1587,11 @@ /* The 'name' is used for information only */ /* Routines for checking parts of an ICC profile. */ +#ifdef PNG_READ_iCCP_SUPPORTED PNG_INTERNAL_FUNCTION(int,png_icc_check_length,(png_const_structrp png_ptr, png_colorspacerp colorspace, png_const_charp name, png_uint_32 profile_length), PNG_EMPTY); +#endif /* READ_iCCP */ PNG_INTERNAL_FUNCTION(int,png_icc_check_header,(png_const_structrp png_ptr, png_colorspacerp colorspace, png_const_charp name, png_uint_32 profile_length, @@ -1941,10 +2010,20 @@ * the builder of libpng passes the definition of PNG_FILTER_OPTIMIZATIONS in * CFLAGS in place of CPPFLAGS *and* uses symbol prefixing. */ +# if PNG_ARM_NEON_OPT > 0 PNG_INTERNAL_FUNCTION(void, png_init_filter_functions_neon, (png_structp png_ptr, unsigned int bpp), PNG_EMPTY); #endif +#if PNG_MIPS_MSA_OPT > 0 +PNG_INTERNAL_FUNCTION(void, png_init_filter_functions_msa, + (png_structp png_ptr, unsigned int bpp), PNG_EMPTY); +#endif +#endif + +PNG_INTERNAL_FUNCTION(png_uint_32, png_check_keyword, (png_structrp png_ptr, + png_const_charp key, png_bytep new_key), PNG_EMPTY); + /* Maintainer: Put new private prototypes here ^ */ #include "pngdebug.h"
--- a/src/share/native/sun/awt/libpng/pngread.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngread.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.17 [March 26, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.26 [October 20, 2016] + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -56,10 +56,10 @@ { #ifndef PNG_USER_MEM_SUPPORTED png_structp png_ptr = png_create_png_struct(user_png_ver, error_ptr, - error_fn, warn_fn, NULL, NULL, NULL); + error_fn, warn_fn, NULL, NULL, NULL); #else return png_create_read_struct_2(user_png_ver, error_ptr, error_fn, - warn_fn, NULL, NULL, NULL); + warn_fn, NULL, NULL, NULL); } /* Alternate create PNG structure for reading, and allocate any memory @@ -71,7 +71,7 @@ png_malloc_ptr malloc_fn, png_free_ptr free_fn),PNG_ALLOCATED) { png_structp png_ptr = png_create_png_struct(user_png_ver, error_ptr, - error_fn, warn_fn, mem_ptr, malloc_fn, free_fn); + error_fn, warn_fn, mem_ptr, malloc_fn, free_fn); #endif /* USER_MEM */ if (png_ptr != NULL) @@ -155,7 +155,10 @@ } else if ((png_ptr->mode & PNG_HAVE_IDAT) != 0) + { + png_ptr->mode |= PNG_HAVE_CHUNK_AFTER_IDAT; png_ptr->mode |= PNG_AFTER_IDAT; + } /* This should be a binary subdivision search or a hash for * matching the chunk name rather than a linear search. @@ -277,7 +280,7 @@ else png_handle_unknown(png_ptr, info_ptr, length, - PNG_HANDLE_CHUNK_AS_DEFAULT); + PNG_HANDLE_CHUNK_AS_DEFAULT); } } #endif /* SEQUENTIAL_READ */ @@ -304,7 +307,7 @@ /* New in 1.6.0 this avoids the bug of doing the initializations twice */ else png_app_error(png_ptr, - "png_read_update_info/png_start_read_image: duplicate call"); + "png_read_update_info/png_start_read_image: duplicate call"); } } @@ -327,7 +330,7 @@ /* New in 1.6.0 this avoids the bug of doing the initializations twice */ else png_app_error(png_ptr, - "png_start_read_image/png_read_update_info: duplicate call"); + "png_start_read_image/png_read_update_info: duplicate call"); } } #endif /* SEQUENTIAL_READ */ @@ -384,9 +387,9 @@ for (i = 0, rp = row; i < row_width; i++, rp += bytes_per_pixel) { - png_uint_32 s0 = (*(rp ) << 8) | *(rp + 1); - png_uint_32 s1 = (*(rp + 2) << 8) | *(rp + 3); - png_uint_32 s2 = (*(rp + 4) << 8) | *(rp + 5); + png_uint_32 s0 = (png_uint_32)(*(rp ) << 8) | *(rp + 1); + png_uint_32 s1 = (png_uint_32)(*(rp + 2) << 8) | *(rp + 3); + png_uint_32 s2 = (png_uint_32)(*(rp + 4) << 8) | *(rp + 5); png_uint_32 red = (s0 + s1 + 65536) & 0xffff; png_uint_32 blue = (s2 + s1 + 65536) & 0xffff; *(rp ) = (png_byte)((red >> 8) & 0xff); @@ -565,7 +568,7 @@ { if (png_ptr->row_buf[0] < PNG_FILTER_VALUE_LAST) png_read_filter_row(png_ptr, &row_info, png_ptr->row_buf + 1, - png_ptr->prev_row + 1, png_ptr->row_buf[0]); + png_ptr->prev_row + 1, png_ptr->row_buf[0]); else png_error(png_ptr, "bad adaptive filter value"); } @@ -609,7 +612,7 @@ { if (png_ptr->pass < 6) png_do_read_interlace(&row_info, png_ptr->row_buf + 1, png_ptr->pass, - png_ptr->transformations); + png_ptr->transformations); if (dsp_row != NULL) png_combine_row(png_ptr, dsp_row, 1/*display*/); @@ -744,7 +747,7 @@ * but the caller should do it! */ png_warning(png_ptr, "Interlace handling should be turned on when " - "using png_read_image"); + "using png_read_image"); /* Make sure this is set correctly */ png_ptr->num_rows = png_ptr->height; } @@ -804,8 +807,8 @@ #ifdef PNG_READ_CHECK_FOR_INVALID_INDEX_SUPPORTED /* Report invalid palette index; added at libng-1.5.10 */ if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE && - png_ptr->num_palette_max > png_ptr->num_palette) - png_benign_error(png_ptr, "Read palette index exceeding num_palette"); + png_ptr->num_palette_max > png_ptr->num_palette) + png_benign_error(png_ptr, "Read palette index exceeding num_palette"); #endif do @@ -813,6 +816,9 @@ png_uint_32 length = png_read_chunk_header(png_ptr); png_uint_32 chunk_name = png_ptr->chunk_name; + if (chunk_name != png_IDAT) + png_ptr->mode |= PNG_HAVE_CHUNK_AFTER_IDAT; + if (chunk_name == png_IEND) png_handle_IEND(png_ptr, info_ptr, length); @@ -827,9 +833,9 @@ { if (chunk_name == png_IDAT) { - if ((length > 0) || - (png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT) != 0) - png_benign_error(png_ptr, "Too many IDATs found"); + if ((length > 0 && !(png_ptr->flags & PNG_FLAG_ZSTREAM_ENDED)) + || (png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT) != 0) + png_benign_error(png_ptr, ".Too many IDATs found"); } png_handle_unknown(png_ptr, info_ptr, length, keep); if (chunk_name == png_PLTE) @@ -840,10 +846,14 @@ else if (chunk_name == png_IDAT) { /* Zero length IDATs are legal after the last IDAT has been - * read, but not after other chunks have been read. + * read, but not after other chunks have been read. 1.6 does not + * always read all the deflate data; specifically it cannot be relied + * upon to read the Adler32 at the end. If it doesn't ignore IDAT + * chunks which are longer than zero as well: */ - if ((length > 0) || (png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT) != 0) - png_benign_error(png_ptr, "Too many IDATs found"); + if ((length > 0 && !(png_ptr->flags & PNG_FLAG_ZSTREAM_ENDED)) + || (png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT) != 0) + png_benign_error(png_ptr, "..Too many IDATs found"); png_crc_finish(png_ptr, length); } @@ -937,7 +947,7 @@ else png_handle_unknown(png_ptr, info_ptr, length, - PNG_HANDLE_CHUNK_AS_DEFAULT); + PNG_HANDLE_CHUNK_AS_DEFAULT); } while ((png_ptr->mode & PNG_HAVE_IEND) == 0); } #endif /* SEQUENTIAL_READ */ @@ -1048,8 +1058,7 @@ #ifdef PNG_INFO_IMAGE_SUPPORTED void PNGAPI png_read_png(png_structrp png_ptr, png_inforp info_ptr, - int transforms, - voidp params) + int transforms, voidp params) { if (png_ptr == NULL || info_ptr == NULL) return; @@ -1325,7 +1334,7 @@ if (info_ptr != NULL) { png_controlp control = png_voidcast(png_controlp, - png_malloc_warn(png_ptr, (sizeof *control))); + png_malloc_warn(png_ptr, (sizeof *control))); if (control != NULL) { @@ -1412,7 +1421,9 @@ png_structrp png_ptr = image->opaque->png_ptr; png_inforp info_ptr = image->opaque->info_ptr; +#ifdef PNG_BENIGN_ERRORS_SUPPORTED png_set_benign_errors(png_ptr, 1/*warn*/); +#endif png_read_info(png_ptr, info_ptr); /* Do this the fast way; just read directly out of png_struct. */ @@ -1450,7 +1461,7 @@ break; case PNG_COLOR_TYPE_PALETTE: - cmap_entries = png_ptr->num_palette; + cmap_entries = (png_uint_32)png_ptr->num_palette; break; default: @@ -1488,12 +1499,12 @@ else return png_image_error(image, - "png_image_begin_read_from_stdio: invalid argument"); + "png_image_begin_read_from_stdio: invalid argument"); } else if (image != NULL) return png_image_error(image, - "png_image_begin_read_from_stdio: incorrect PNG_IMAGE_VERSION"); + "png_image_begin_read_from_stdio: incorrect PNG_IMAGE_VERSION"); return 0; } @@ -1526,12 +1537,12 @@ else return png_image_error(image, - "png_image_begin_read_from_file: invalid argument"); + "png_image_begin_read_from_file: invalid argument"); } else if (image != NULL) return png_image_error(image, - "png_image_begin_read_from_file: incorrect PNG_IMAGE_VERSION"); + "png_image_begin_read_from_file: incorrect PNG_IMAGE_VERSION"); return 0; } @@ -1568,7 +1579,7 @@ } int PNGAPI png_image_begin_read_from_memory(png_imagep image, - png_const_voidp memory, png_size_t size) + png_const_voidp memory, png_size_t size) { if (image != NULL && image->version == PNG_IMAGE_VERSION) { @@ -1591,12 +1602,12 @@ else return png_image_error(image, - "png_image_begin_read_from_memory: invalid argument"); + "png_image_begin_read_from_memory: invalid argument"); } else if (image != NULL) return png_image_error(image, - "png_image_begin_read_from_memory: incorrect PNG_IMAGE_VERSION"); + "png_image_begin_read_from_memory: incorrect PNG_IMAGE_VERSION"); return 0; } @@ -1642,12 +1653,12 @@ * IHDR, PLTE, tRNS, IDAT, and IEND chunks. */ png_set_keep_unknown_chunks(png_ptr, PNG_HANDLE_CHUNK_NEVER, - NULL, -1); + NULL, -1); /* But do not ignore image data handling chunks */ png_set_keep_unknown_chunks(png_ptr, PNG_HANDLE_CHUNK_AS_DEFAULT, - chunks_to_process, (int)/*SAFE*/(sizeof chunks_to_process)/5); - } + chunks_to_process, (int)/*SAFE*/(sizeof chunks_to_process)/5); + } } # define PNG_SKIP_CHUNKS(p) png_image_skip_unused_chunks(p) @@ -1714,7 +1725,7 @@ #ifdef __GNUC__ default: png_error(display->image->opaque->png_ptr, - "unexpected encoding (internal error)"); + "unexpected encoding (internal error)"); #endif } @@ -1723,8 +1734,8 @@ static png_uint_32 png_colormap_compose(png_image_read_control *display, - png_uint_32 foreground, int foreground_encoding, png_uint_32 alpha, - png_uint_32 background, int encoding) + png_uint_32 foreground, int foreground_encoding, png_uint_32 alpha, + png_uint_32 background, int encoding) { /* The file value is composed on the background, the background has the given * encoding and so does the result, the file is encoded with P_FILE and the @@ -1760,14 +1771,14 @@ */ static void png_create_colormap_entry(png_image_read_control *display, - png_uint_32 ip, png_uint_32 red, png_uint_32 green, png_uint_32 blue, - png_uint_32 alpha, int encoding) + png_uint_32 ip, png_uint_32 red, png_uint_32 green, png_uint_32 blue, + png_uint_32 alpha, int encoding) { png_imagep image = display->image; const int output_encoding = (image->format & PNG_FORMAT_FLAG_LINEAR) != 0 ? - P_LINEAR : P_sRGB; + P_LINEAR : P_sRGB; const int convert_to_Y = (image->format & PNG_FORMAT_FLAG_COLOR) == 0 && - (red != green || green != blue); + (red != green || green != blue); if (ip > 255) png_error(image->opaque->png_ptr, "color-map index out of range"); @@ -1985,7 +1996,7 @@ for (i=0; i<256; ++i) png_create_colormap_entry(display, i, i, i, i, 255, P_FILE); - return i; + return (int)i; } static int @@ -1996,7 +2007,7 @@ for (i=0; i<256; ++i) png_create_colormap_entry(display, i, i, i, i, 255, P_sRGB); - return i; + return (int)i; } #define PNG_GRAY_COLORMAP_ENTRIES 256 @@ -2047,10 +2058,10 @@ for (g=0; g<6; ++g) png_create_colormap_entry(display, i++, g*51, g*51, g*51, a*51, - P_sRGB); + P_sRGB); } - return i; + return (int)i; } #define PNG_GA_COLORMAP_ENTRIES 256 @@ -2071,11 +2082,11 @@ for (b=0; b<6; ++b) png_create_colormap_entry(display, i++, r*51, g*51, b*51, 255, - P_sRGB); + P_sRGB); } } - return i; + return (int)i; } #define PNG_RGB_COLORMAP_ENTRIES 216 @@ -2123,7 +2134,7 @@ else if (display->background == NULL /* no way to remove it */) png_error(png_ptr, - "a background color must be supplied to remove alpha/transparency"); + "background color must be supplied to remove alpha/transparency"); /* Get a copy of the background color (this avoids repeating the checks * below.) The encoding is 8-bit sRGB or 16-bit linear, depending on the @@ -2218,7 +2229,7 @@ */ if (i != trans) png_create_colormap_entry(display, i, val, val, val, 255, - P_FILE/*8-bit with file gamma*/); + P_FILE/*8-bit with file gamma*/); /* Else this entry is transparent. The colors don't matter if * there is an alpha channel (back_alpha == 0), but it does no @@ -2230,7 +2241,7 @@ */ else png_create_colormap_entry(display, i, back_r, back_g, back_b, - back_alpha, output_encoding); + back_alpha, output_encoding); } /* We need libpng to preserve the original encoding. */ @@ -2268,7 +2279,7 @@ if (PNG_GRAY_COLORMAP_ENTRIES > image->colormap_entries) png_error(png_ptr, "gray[16] color-map: too few entries"); - cmap_entries = make_gray_colormap(display); + cmap_entries = (unsigned int)make_gray_colormap(display); if (png_ptr->num_trans > 0) { @@ -2295,7 +2306,7 @@ * matches. */ png_create_colormap_entry(display, gray, back_g, back_g, - back_g, 65535, P_LINEAR); + back_g, 65535, P_LINEAR); } /* The background passed to libpng, however, must be the @@ -2309,8 +2320,8 @@ * doesn't. */ png_set_background_fixed(png_ptr, &c, - PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, - 0/*gamma: not used*/); + PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, + 0/*gamma: not used*/); output_processing = PNG_CMAP_NONE; break; @@ -2340,7 +2351,7 @@ * background color at full precision. */ png_create_colormap_entry(display, 254, back_r, back_g, back_b, - back_alpha, output_encoding); + back_alpha, output_encoding); } else @@ -2366,7 +2377,7 @@ if (PNG_GA_COLORMAP_ENTRIES > image->colormap_entries) png_error(png_ptr, "gray+alpha color-map: too few entries"); - cmap_entries = make_ga_colormap(display); + cmap_entries = (unsigned int)make_ga_colormap(display); background_index = PNG_CMAP_GA_BACKGROUND; output_processing = PNG_CMAP_GA; @@ -2400,7 +2411,7 @@ if (PNG_GRAY_COLORMAP_ENTRIES > image->colormap_entries) png_error(png_ptr, "gray-alpha color-map: too few entries"); - cmap_entries = make_gray_colormap(display); + cmap_entries = (unsigned int)make_gray_colormap(display); if (output_encoding == P_LINEAR) { @@ -2408,7 +2419,7 @@ /* And make sure the corresponding palette entry matches. */ png_create_colormap_entry(display, gray, back_g, back_g, - back_g, 65535, P_LINEAR); + back_g, 65535, P_LINEAR); } /* The background passed to libpng, however, must be the sRGB @@ -2418,8 +2429,8 @@ c.gray = c.red = c.green = c.blue = (png_uint_16)gray; png_set_background_fixed(png_ptr, &c, - PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, - 0/*gamma: not used*/); + PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, + 0/*gamma: not used*/); output_processing = PNG_CMAP_NONE; } @@ -2439,7 +2450,7 @@ { png_uint_32 gray = (i * 256 + 115) / 231; png_create_colormap_entry(display, i++, gray, gray, gray, - 255, P_sRGB); + 255, P_sRGB); } /* NOTE: this preserves the full precision of the application @@ -2448,13 +2459,13 @@ background_index = i; png_create_colormap_entry(display, i++, back_r, back_g, back_b, #ifdef __COVERITY__ - /* Coverity claims that output_encoding cannot be 2 (P_LINEAR) - * here. - */ 255U, + /* Coverity claims that output_encoding + * cannot be 2 (P_LINEAR) here. + */ 255U, #else - output_encoding == P_LINEAR ? 65535U : 255U, + output_encoding == P_LINEAR ? 65535U : 255U, #endif - output_encoding); + output_encoding); /* For non-opaque input composite on the sRGB background - this * requires inverting the encoding for each component. The input @@ -2492,9 +2503,9 @@ png_uint_32 gray = png_sRGB_table[g*51] * alpha; png_create_colormap_entry(display, i++, - PNG_sRGB_FROM_LINEAR(gray + back_rx), - PNG_sRGB_FROM_LINEAR(gray + back_gx), - PNG_sRGB_FROM_LINEAR(gray + back_bx), 255, P_sRGB); + PNG_sRGB_FROM_LINEAR(gray + back_rx), + PNG_sRGB_FROM_LINEAR(gray + back_gx), + PNG_sRGB_FROM_LINEAR(gray + back_bx), 255, P_sRGB); } } @@ -2520,7 +2531,7 @@ * png_set_tRNS_to_alpha before png_set_background_fixed. */ png_set_rgb_to_gray_fixed(png_ptr, PNG_ERROR_ACTION_NONE, -1, - -1); + -1); data_encoding = P_sRGB; /* The output will now be one or two 8-bit gray or gray+alpha @@ -2539,7 +2550,7 @@ if (PNG_GA_COLORMAP_ENTRIES > image->colormap_entries) png_error(png_ptr, "rgb[ga] color-map: too few entries"); - cmap_entries = make_ga_colormap(display); + cmap_entries = (unsigned int)make_ga_colormap(display); background_index = PNG_CMAP_GA_BACKGROUND; output_processing = PNG_CMAP_GA; } @@ -2565,12 +2576,12 @@ png_ptr->num_trans > 0) && png_gamma_not_sRGB(png_ptr->colorspace.gamma) != 0) { - cmap_entries = make_gray_file_colormap(display); + cmap_entries = (unsigned int)make_gray_file_colormap(display); data_encoding = P_FILE; } else - cmap_entries = make_gray_colormap(display); + cmap_entries = (unsigned int)make_gray_colormap(display); /* But if the input has alpha or transparency it must be removed */ @@ -2596,13 +2607,13 @@ gray = png_sRGB_table[gray]; /* now P_LINEAR */ gray = PNG_DIV257(png_gamma_16bit_correct(gray, - png_ptr->colorspace.gamma)); /* now P_FILE */ + png_ptr->colorspace.gamma)); /* now P_FILE */ /* And make sure the corresponding palette entry contains * exactly the required sRGB value. */ png_create_colormap_entry(display, gray, back_g, back_g, - back_g, 0/*unused*/, output_encoding); + back_g, 0/*unused*/, output_encoding); } else if (output_encoding == P_LINEAR) @@ -2627,8 +2638,8 @@ */ expand_tRNS = 1; png_set_background_fixed(png_ptr, &c, - PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, - 0/*gamma: not used*/); + PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, + 0/*gamma: not used*/); } output_processing = PNG_CMAP_NONE; @@ -2658,11 +2669,11 @@ if (PNG_RGB_COLORMAP_ENTRIES+1+27 > image->colormap_entries) png_error(png_ptr, "rgb+alpha color-map: too few entries"); - cmap_entries = make_rgb_colormap(display); + cmap_entries = (unsigned int)make_rgb_colormap(display); /* Add a transparent entry. */ png_create_colormap_entry(display, cmap_entries, 255, 255, - 255, 0, P_sRGB); + 255, 0, P_sRGB); /* This is stored as the background index for the processing * algorithm. @@ -2683,7 +2694,7 @@ */ for (b=0; b<256; b = (b << 1) | 0x7f) png_create_colormap_entry(display, cmap_entries++, - r, g, b, 128, P_sRGB); + r, g, b, 128, P_sRGB); } } @@ -2707,10 +2718,10 @@ if (PNG_RGB_COLORMAP_ENTRIES+1+27 > image->colormap_entries) png_error(png_ptr, "rgb-alpha color-map: too few entries"); - cmap_entries = make_rgb_colormap(display); + cmap_entries = (unsigned int)make_rgb_colormap(display); png_create_colormap_entry(display, cmap_entries, back_r, - back_g, back_b, 0/*unused*/, output_encoding); + back_g, back_b, 0/*unused*/, output_encoding); if (output_encoding == P_LINEAR) { @@ -2732,9 +2743,9 @@ * index. */ if (memcmp((png_const_bytep)display->colormap + - sample_size * cmap_entries, - (png_const_bytep)display->colormap + - sample_size * PNG_RGB_INDEX(r,g,b), + sample_size * cmap_entries, + (png_const_bytep)display->colormap + + sample_size * PNG_RGB_INDEX(r,g,b), sample_size) != 0) { /* The background color must be added. */ @@ -2752,13 +2763,13 @@ */ for (b=0; b<256; b = (b << 1) | 0x7f) png_create_colormap_entry(display, cmap_entries++, - png_colormap_compose(display, r, P_sRGB, 128, - back_r, output_encoding), - png_colormap_compose(display, g, P_sRGB, 128, - back_g, output_encoding), - png_colormap_compose(display, b, P_sRGB, 128, - back_b, output_encoding), - 0/*unused*/, output_encoding); + png_colormap_compose(display, r, P_sRGB, 128, + back_r, output_encoding), + png_colormap_compose(display, g, P_sRGB, 128, + back_g, output_encoding), + png_colormap_compose(display, b, P_sRGB, 128, + back_b, output_encoding), + 0/*unused*/, output_encoding); } } @@ -2776,8 +2787,8 @@ c.blue = (png_uint_16)back_b; png_set_background_fixed(png_ptr, &c, - PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, - 0/*gamma: not used*/); + PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, + 0/*gamma: not used*/); output_processing = PNG_CMAP_RGB; } @@ -2792,7 +2803,7 @@ if (PNG_RGB_COLORMAP_ENTRIES > image->colormap_entries) png_error(png_ptr, "rgb color-map: too few entries"); - cmap_entries = make_rgb_colormap(display); + cmap_entries = (unsigned int)make_rgb_colormap(display); output_processing = PNG_CMAP_RGB; } } @@ -2816,11 +2827,11 @@ output_processing = PNG_CMAP_NONE; data_encoding = P_FILE; /* Don't change from color-map indices */ - cmap_entries = png_ptr->num_palette; + cmap_entries = (unsigned int)png_ptr->num_palette; if (cmap_entries > 256) cmap_entries = 256; - if (cmap_entries > image->colormap_entries) + if (cmap_entries > (unsigned int)image->colormap_entries) png_error(png_ptr, "palette color-map: too few entries"); for (i=0; i < cmap_entries; ++i) @@ -2829,7 +2840,7 @@ { if (trans[i] == 0) png_create_colormap_entry(display, i, back_r, back_g, - back_b, 0, output_encoding); + back_b, 0, output_encoding); else { @@ -2837,22 +2848,22 @@ * on the sRGB color in 'back'. */ png_create_colormap_entry(display, i, - png_colormap_compose(display, colormap[i].red, P_FILE, - trans[i], back_r, output_encoding), - png_colormap_compose(display, colormap[i].green, P_FILE, - trans[i], back_g, output_encoding), - png_colormap_compose(display, colormap[i].blue, P_FILE, - trans[i], back_b, output_encoding), - output_encoding == P_LINEAR ? trans[i] * 257U : - trans[i], - output_encoding); + png_colormap_compose(display, colormap[i].red, + P_FILE, trans[i], back_r, output_encoding), + png_colormap_compose(display, colormap[i].green, + P_FILE, trans[i], back_g, output_encoding), + png_colormap_compose(display, colormap[i].blue, + P_FILE, trans[i], back_b, output_encoding), + output_encoding == P_LINEAR ? trans[i] * 257U : + trans[i], + output_encoding); } } else png_create_colormap_entry(display, i, colormap[i].red, - colormap[i].green, colormap[i].blue, - i < num_trans ? trans[i] : 255U, P_FILE/*8-bit*/); + colormap[i].green, colormap[i].blue, + i < num_trans ? trans[i] : 255U, P_FILE/*8-bit*/); } /* The PNG data may have indices packed in fewer than 8 bits, it @@ -2932,7 +2943,7 @@ png_error(png_ptr, "bad background index (internal error)"); } - display->colormap_processing = output_processing; + display->colormap_processing = (int)output_processing; return 1/*ok*/; } @@ -2942,7 +2953,7 @@ png_image_read_and_map(png_voidp argument) { png_image_read_control *display = png_voidcast(png_image_read_control*, - argument); + argument); png_imagep image = display->image; png_structrp png_ptr = image->opaque->png_ptr; int passes; @@ -3079,7 +3090,7 @@ if (alpha >= 196) *outrow = PNG_RGB_INDEX(inrow[0], inrow[1], - inrow[2]); + inrow[2]); else if (alpha < 64) *outrow = PNG_CMAP_RGB_ALPHA_BACKGROUND; @@ -3131,7 +3142,7 @@ png_image_read_colormapped(png_voidp argument) { png_image_read_control *display = png_voidcast(png_image_read_control*, - argument); + argument); png_imagep image = display->image; png_controlp control = image->opaque; png_structrp png_ptr = control->png_ptr; @@ -3241,14 +3252,14 @@ else { - png_alloc_size_t row_bytes = display->row_bytes; + png_alloc_size_t row_bytes = (png_alloc_size_t)display->row_bytes; while (--passes >= 0) { png_uint_32 y = image->height; png_bytep row = png_voidcast(png_bytep, display->first_row); - while (y-- > 0) + for (; y > 0; --y) { png_read_row(png_ptr, row, NULL); row += row_bytes; @@ -3264,7 +3275,7 @@ png_image_read_composite(png_voidp argument) { png_image_read_control *display = png_voidcast(png_image_read_control*, - argument); + argument); png_imagep image = display->image; png_structrp png_ptr = image->opaque->png_ptr; int passes; @@ -3391,7 +3402,7 @@ png_image_read_background(png_voidp argument) { png_image_read_control *display = png_voidcast(png_image_read_control*, - argument); + argument); png_imagep image = display->image; png_structrp png_ptr = image->opaque->png_ptr; png_inforp info_ptr = image->opaque->info_ptr; @@ -3451,8 +3462,7 @@ for (pass = 0; pass < passes; ++pass) { - png_bytep row = png_voidcast(png_bytep, - display->first_row); + png_bytep row = png_voidcast(png_bytep, display->first_row); unsigned int startx, stepx, stepy; png_uint_32 y; @@ -3480,7 +3490,7 @@ for (; y<height; y += stepy) { png_bytep inrow = png_voidcast(png_bytep, - display->local_row); + display->local_row); png_bytep outrow = first_row + y * step_row; png_const_bytep end_row = outrow + width; @@ -3525,7 +3535,7 @@ for (; y<height; y += stepy) { png_bytep inrow = png_voidcast(png_bytep, - display->local_row); + display->local_row); png_bytep outrow = first_row + y * step_row; png_const_bytep end_row = outrow + width; @@ -3572,13 +3582,14 @@ */ { png_uint_16p first_row = png_voidcast(png_uint_16p, - display->first_row); + display->first_row); /* The division by two is safe because the caller passed in a * stride which was multiplied by 2 (below) to get row_bytes. */ ptrdiff_t step_row = display->row_bytes / 2; - int preserve_alpha = (image->format & PNG_FORMAT_FLAG_ALPHA) != 0; - unsigned int outchannels = 1+preserve_alpha; + unsigned int preserve_alpha = (image->format & + PNG_FORMAT_FLAG_ALPHA) != 0; + unsigned int outchannels = 1U+preserve_alpha; int swap_alpha = 0; # ifdef PNG_SIMPLIFIED_READ_AFIRST_SUPPORTED @@ -3622,7 +3633,7 @@ /* Read the row, which is packed: */ png_read_row(png_ptr, png_voidcast(png_bytep, - display->local_row), NULL); + display->local_row), NULL); inrow = png_voidcast(png_const_uint_16p, display->local_row); /* Now do the pre-multiplication on each pixel in this row. @@ -3671,7 +3682,7 @@ png_image_read_direct(png_voidp argument) { png_image_read_control *display = png_voidcast(png_image_read_control*, - argument); + argument); png_imagep image = display->image; png_structrp png_ptr = image->opaque->png_ptr; png_inforp info_ptr = image->opaque->info_ptr; @@ -3722,7 +3733,7 @@ do_local_background = 1/*maybe*/; png_set_rgb_to_gray_fixed(png_ptr, PNG_ERROR_ACTION_NONE, - PNG_RGB_TO_GRAY_DEFAULT, PNG_RGB_TO_GRAY_DEFAULT); + PNG_RGB_TO_GRAY_DEFAULT, PNG_RGB_TO_GRAY_DEFAULT); } change &= ~PNG_FORMAT_FLAG_COLOR; @@ -3781,7 +3792,7 @@ * final value. */ if (png_muldiv(>est, output_gamma, png_ptr->colorspace.gamma, - PNG_FP_1) != 0 && png_gamma_significant(gtest) == 0) + PNG_FP_1) != 0 && png_gamma_significant(gtest) == 0) do_local_background = 0; else if (mode == PNG_ALPHA_STANDARD) @@ -3844,8 +3855,8 @@ * pixels. */ png_set_background_fixed(png_ptr, &c, - PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, - 0/*gamma: not used*/); + PNG_BACKGROUND_GAMMA_SCREEN, 0/*need_expand*/, + 0/*gamma: not used*/); } else /* compose on row: implemented below. */ @@ -3876,16 +3887,16 @@ else filler = 255; -# ifdef PNG_FORMAT_AFIRST_SUPPORTED - if ((format & PNG_FORMAT_FLAG_AFIRST) != 0) - { - where = PNG_FILLER_BEFORE; - change &= ~PNG_FORMAT_FLAG_AFIRST; - } - - else -# endif - where = PNG_FILLER_AFTER; +#ifdef PNG_FORMAT_AFIRST_SUPPORTED + if ((format & PNG_FORMAT_FLAG_AFIRST) != 0) + { + where = PNG_FILLER_BEFORE; + change &= ~PNG_FORMAT_FLAG_AFIRST; + } + + else +#endif + where = PNG_FILLER_AFTER; png_set_add_alpha(png_ptr, filler, where); } @@ -3993,12 +4004,12 @@ if (info_ptr->bit_depth == 16) info_format |= PNG_FORMAT_FLAG_LINEAR; -# ifdef PNG_FORMAT_BGR_SUPPORTED - if ((png_ptr->transformations & PNG_BGR) != 0) - info_format |= PNG_FORMAT_FLAG_BGR; -# endif - -# ifdef PNG_FORMAT_AFIRST_SUPPORTED +#ifdef PNG_FORMAT_BGR_SUPPORTED + if ((png_ptr->transformations & PNG_BGR) != 0) + info_format |= PNG_FORMAT_FLAG_BGR; +#endif + +#ifdef PNG_FORMAT_AFIRST_SUPPORTED if (do_local_background == 2) { if ((format & PNG_FORMAT_FLAG_AFIRST) != 0) @@ -4075,14 +4086,14 @@ else { - png_alloc_size_t row_bytes = display->row_bytes; + png_alloc_size_t row_bytes = (png_alloc_size_t)display->row_bytes; while (--passes >= 0) { png_uint_32 y = image->height; png_bytep row = png_voidcast(png_bytep, display->first_row); - while (y-- > 0) + for (; y > 0; --y) { png_read_row(png_ptr, row, NULL); row += row_bytes; @@ -4095,67 +4106,117 @@ int PNGAPI png_image_finish_read(png_imagep image, png_const_colorp background, - void *buffer, png_int_32 row_stride, void *colormap) + void *buffer, png_int_32 row_stride, void *colormap) { if (image != NULL && image->version == PNG_IMAGE_VERSION) { - png_uint_32 check; - - if (row_stride == 0) - row_stride = PNG_IMAGE_ROW_STRIDE(*image); - - if (row_stride < 0) - check = -row_stride; - - else - check = row_stride; - - if (image->opaque != NULL && buffer != NULL && - check >= PNG_IMAGE_ROW_STRIDE(*image)) + /* Check for row_stride overflow. This check is not performed on the + * original PNG format because it may not occur in the output PNG format + * and libpng deals with the issues of reading the original. + */ + const unsigned int channels = PNG_IMAGE_PIXEL_CHANNELS(image->format); + + /* The following checks just the 'row_stride' calculation to ensure it + * fits in a signed 32-bit value. Because channels/components can be + * either 1 or 2 bytes in size the length of a row can still overflow 32 + * bits; this is just to verify that the 'row_stride' argument can be + * represented. + */ + if (image->width <= 0x7fffffffU/channels) /* no overflow */ { - if ((image->format & PNG_FORMAT_FLAG_COLORMAP) == 0 || - (image->colormap_entries > 0 && colormap != NULL)) + png_uint_32 check; + const png_uint_32 png_row_stride = image->width * channels; + + if (row_stride == 0) + row_stride = (png_int_32)/*SAFE*/png_row_stride; + + if (row_stride < 0) + check = (png_uint_32)(-row_stride); + + else + check = (png_uint_32)row_stride; + + /* This verifies 'check', the absolute value of the actual stride + * passed in and detects overflow in the application calculation (i.e. + * if the app did actually pass in a non-zero 'row_stride'. + */ + if (image->opaque != NULL && buffer != NULL && check >= png_row_stride) { - int result; - png_image_read_control display; - - memset(&display, 0, (sizeof display)); - display.image = image; - display.buffer = buffer; - display.row_stride = row_stride; - display.colormap = colormap; - display.background = background; - display.local_row = NULL; - - /* Choose the correct 'end' routine; for the color-map case all the - * setup has already been done. + /* Now check for overflow of the image buffer calculation; this + * limits the whole image size to 32 bits for API compatibility with + * the current, 32-bit, PNG_IMAGE_BUFFER_SIZE macro. + * + * The PNG_IMAGE_BUFFER_SIZE macro is: + * + * (PNG_IMAGE_PIXEL_COMPONENT_SIZE(fmt)*height*(row_stride)) + * + * And the component size is always 1 or 2, so make sure that the + * number of *bytes* that the application is saying are available + * does actually fit into a 32-bit number. + * + * NOTE: this will be changed in 1.7 because PNG_IMAGE_BUFFER_SIZE + * will be changed to use png_alloc_size_t; bigger images can be + * accomodated on 64-bit systems. */ - if ((image->format & PNG_FORMAT_FLAG_COLORMAP) != 0) - result = - png_safe_execute(image, png_image_read_colormap, &display) && - png_safe_execute(image, png_image_read_colormapped, &display); + if (image->height <= + 0xffffffffU/PNG_IMAGE_PIXEL_COMPONENT_SIZE(image->format)/check) + { + if ((image->format & PNG_FORMAT_FLAG_COLORMAP) == 0 || + (image->colormap_entries > 0 && colormap != NULL)) + { + int result; + png_image_read_control display; + + memset(&display, 0, (sizeof display)); + display.image = image; + display.buffer = buffer; + display.row_stride = row_stride; + display.colormap = colormap; + display.background = background; + display.local_row = NULL; + + /* Choose the correct 'end' routine; for the color-map case + * all the setup has already been done. + */ + if ((image->format & PNG_FORMAT_FLAG_COLORMAP) != 0) + result = + png_safe_execute(image, + png_image_read_colormap, &display) && + png_safe_execute(image, + png_image_read_colormapped, &display); + + else + result = + png_safe_execute(image, + png_image_read_direct, &display); + + png_image_free(image); + return result; + } + + else + return png_image_error(image, + "png_image_finish_read[color-map]: no color-map"); + } else - result = - png_safe_execute(image, png_image_read_direct, &display); - - png_image_free(image); - return result; + return png_image_error(image, + "png_image_finish_read: image too large"); } else return png_image_error(image, - "png_image_finish_read[color-map]: no color-map"); + "png_image_finish_read: invalid argument"); } else return png_image_error(image, - "png_image_finish_read: invalid argument"); + "png_image_finish_read: row_stride too large"); } else if (image != NULL) return png_image_error(image, - "png_image_finish_read: damaged PNG_IMAGE_VERSION"); + "png_image_finish_read: damaged PNG_IMAGE_VERSION"); return 0; }
--- a/src/share/native/sun/awt/libpng/pngrio.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngrio.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.17 [March 26, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.24 [August 4, 2016] + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -113,7 +113,7 @@ */ void PNGAPI png_set_read_fn(png_structrp png_ptr, png_voidp io_ptr, - png_rw_ptr read_data_fn) + png_rw_ptr read_data_fn) { if (png_ptr == NULL) return;
--- a/src/share/native/sun/awt/libpng/pngrtran.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngrtran.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.19 [November 12, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.24 [August 4, 2016] + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -76,7 +76,7 @@ case PNG_CRC_WARN_DISCARD: /* Not a valid action for critical data */ png_warning(png_ptr, - "Can't discard critical data on CRC error"); + "Can't discard critical data on CRC error"); case PNG_CRC_ERROR_QUIT: /* Error/quit */ case PNG_CRC_DEFAULT: @@ -129,7 +129,7 @@ { if ((png_ptr->flags & PNG_FLAG_ROW_INIT) != 0) png_app_error(png_ptr, - "invalid after png_start_read_image or png_read_update_info"); + "invalid after png_start_read_image or png_read_update_info"); else if (need_IHDR && (png_ptr->mode & PNG_HAVE_IHDR) == 0) png_app_error(png_ptr, "invalid before the PNG header has been read"); @@ -187,7 +187,7 @@ png_set_background_fixed(png_ptr, background_color, background_gamma_code, need_expand, png_fixed(png_ptr, background_gamma, "png_set_background")); } -# endif /* FLOATING_POINT */ +# endif /* FLOATING_POINT */ #endif /* READ_BACKGROUND */ /* Scale 16-bit depth files to 8-bit depth. If both of these are set then the @@ -237,7 +237,7 @@ #if defined(PNG_READ_ALPHA_MODE_SUPPORTED) || defined(PNG_READ_GAMMA_SUPPORTED) static png_fixed_point translate_gamma_flags(png_structrp png_ptr, png_fixed_point output_gamma, - int is_screen) + int is_screen) { /* Check for flag values. The main reason for having the old Mac value as a * flag is that it is pretty near impossible to work out what the correct @@ -301,7 +301,7 @@ #ifdef PNG_READ_ALPHA_MODE_SUPPORTED void PNGFAPI png_set_alpha_mode_fixed(png_structrp png_ptr, int mode, - png_fixed_point output_gamma) + png_fixed_point output_gamma) { int compose = 0; png_fixed_point file_gamma; @@ -317,9 +317,12 @@ * is expected to be 1 or greater, but this range test allows for some * viewing correction values. The intent is to weed out users of this API * who use the inverse of the gamma value accidentally! Since some of these - * values are reasonable this may have to be changed. + * values are reasonable this may have to be changed: + * + * 1.6.x: changed from 0.07..3 to 0.01..100 (to accomodate the optimal 16-bit + * gamma of 36, and its reciprocal.) */ - if (output_gamma < 70000 || output_gamma > 300000) + if (output_gamma < 1000 || output_gamma > 10000000) png_error(png_ptr, "output gamma out of expected range"); /* The default file gamma is the inverse of the output gamma; the output @@ -402,7 +405,7 @@ if ((png_ptr->transformations & PNG_COMPOSE) != 0) png_error(png_ptr, - "conflicting calls to set alpha mode and background"); + "conflicting calls to set alpha mode and background"); png_ptr->transformations |= PNG_COMPOSE; } @@ -413,7 +416,7 @@ png_set_alpha_mode(png_structrp png_ptr, int mode, double output_gamma) { png_set_alpha_mode_fixed(png_ptr, mode, convert_gamma_value(png_ptr, - output_gamma)); + output_gamma)); } # endif #endif @@ -454,7 +457,7 @@ int i; png_ptr->quantize_index = (png_bytep)png_malloc(png_ptr, - (png_uint_32)(num_palette * (sizeof (png_byte)))); + (png_uint_32)((png_uint_32)num_palette * (sizeof (png_byte)))); for (i = 0; i < num_palette; i++) png_ptr->quantize_index[i] = (png_byte)i; } @@ -471,7 +474,7 @@ /* Initialize an array to sort colors */ png_ptr->quantize_sort = (png_bytep)png_malloc(png_ptr, - (png_uint_32)(num_palette * (sizeof (png_byte)))); + (png_uint_32)((png_uint_32)num_palette * (sizeof (png_byte)))); /* Initialize the quantize_sort array */ for (i = 0; i < num_palette; i++) @@ -605,9 +608,9 @@ /* Initialize palette index arrays */ png_ptr->index_to_palette = (png_bytep)png_malloc(png_ptr, - (png_uint_32)(num_palette * (sizeof (png_byte)))); + (png_uint_32)((png_uint_32)num_palette * (sizeof (png_byte)))); png_ptr->palette_to_index = (png_bytep)png_malloc(png_ptr, - (png_uint_32)(num_palette * (sizeof (png_byte)))); + (png_uint_32)((png_uint_32)num_palette * (sizeof (png_byte)))); /* Initialize the sort array */ for (i = 0; i < num_palette; i++) @@ -827,7 +830,7 @@ #ifdef PNG_READ_GAMMA_SUPPORTED void PNGFAPI png_set_gamma_fixed(png_structrp png_ptr, png_fixed_point scrn_gamma, - png_fixed_point file_gamma) + png_fixed_point file_gamma) { png_debug(1, "in png_set_gamma_fixed"); @@ -869,7 +872,7 @@ png_set_gamma(png_structrp png_ptr, double scrn_gamma, double file_gamma) { png_set_gamma_fixed(png_ptr, convert_gamma_value(png_ptr, scrn_gamma), - convert_gamma_value(png_ptr, file_gamma)); + convert_gamma_value(png_ptr, file_gamma)); } # endif /* FLOATING_POINT */ #endif /* READ_GAMMA */ @@ -1015,7 +1018,7 @@ * that it just worked and get a memory overwrite. */ png_error(png_ptr, - "Cannot do RGB_TO_GRAY without EXPAND_SUPPORTED"); + "Cannot do RGB_TO_GRAY without EXPAND_SUPPORTED"); /* png_ptr->transformations &= ~PNG_RGB_TO_GRAY; */ } @@ -1042,7 +1045,7 @@ { if (red >= 0 && green >= 0) png_app_warning(png_ptr, - "ignoring out of range rgb_to_gray coefficients"); + "ignoring out of range rgb_to_gray coefficients"); /* Use the defaults, from the cHRM chunk if set, else the historical * values which are close to the sRGB/HDTV/ITU-Rec 709 values. See @@ -1051,7 +1054,7 @@ * something has already provided a default. */ if (png_ptr->rgb_to_gray_red_coeff == 0 && - png_ptr->rgb_to_gray_green_coeff == 0) + png_ptr->rgb_to_gray_green_coeff == 0) { png_ptr->rgb_to_gray_red_coeff = 6968; png_ptr->rgb_to_gray_green_coeff = 23434; @@ -1068,10 +1071,10 @@ void PNGAPI png_set_rgb_to_gray(png_structrp png_ptr, int error_action, double red, - double green) + double green) { png_set_rgb_to_gray_fixed(png_ptr, error_action, - png_fixed(png_ptr, red, "rgb to gray red coefficient"), + png_fixed(png_ptr, red, "rgb to gray red coefficient"), png_fixed(png_ptr, green, "rgb to gray green coefficient")); } #endif /* FLOATING POINT */ @@ -1328,7 +1331,7 @@ { if (png_ptr->screen_gamma != 0) /* screen set too */ gamma_correction = png_gamma_threshold(png_ptr->colorspace.gamma, - png_ptr->screen_gamma); + png_ptr->screen_gamma); else /* Assume the output matches the input; a long time default behavior @@ -1609,7 +1612,7 @@ */ if ((png_ptr->transformations & PNG_RGB_TO_GRAY) != 0) png_warning(png_ptr, - "libpng does not support gamma+background+rgb_to_gray"); + "libpng does not support gamma+background+rgb_to_gray"); if ((png_ptr->color_type == PNG_COLOR_TYPE_PALETTE) != 0) { @@ -1645,13 +1648,13 @@ case PNG_BACKGROUND_GAMMA_FILE: g = png_reciprocal(png_ptr->colorspace.gamma); gs = png_reciprocal2(png_ptr->colorspace.gamma, - png_ptr->screen_gamma); + png_ptr->screen_gamma); break; case PNG_BACKGROUND_GAMMA_UNIQUE: g = png_reciprocal(png_ptr->background_gamma); gs = png_reciprocal2(png_ptr->background_gamma, - png_ptr->screen_gamma); + png_ptr->screen_gamma); break; default: g = PNG_FP_1; /* back_1 */ @@ -1679,11 +1682,11 @@ if (png_gamma_significant(g) != 0) { back_1.red = png_gamma_8bit_correct(png_ptr->background.red, - g); + g); back_1.green = png_gamma_8bit_correct( - png_ptr->background.green, g); + png_ptr->background.green, g); back_1.blue = png_gamma_8bit_correct(png_ptr->background.blue, - g); + g); } else @@ -1754,7 +1757,7 @@ case PNG_BACKGROUND_GAMMA_FILE: g = png_reciprocal(png_ptr->colorspace.gamma); gs = png_reciprocal2(png_ptr->colorspace.gamma, - png_ptr->screen_gamma); + png_ptr->screen_gamma); break; case PNG_BACKGROUND_GAMMA_UNIQUE: @@ -1940,7 +1943,7 @@ png_ptr->palette[i].blue = (png_byte)component; } } -#endif /* READ_SHIFT */ +#endif /* READ_SHIFT */ } /* Modify the info structure to reflect the transformations. The @@ -2175,7 +2178,7 @@ { png_bytep sp = row + (png_size_t)((row_width - 1) >> 3); png_bytep dp = row + (png_size_t)row_width - 1; - png_uint_32 shift = 7 - (int)((row_width + 7) & 0x07); + png_uint_32 shift = 7U - ((row_width + 7U) & 0x07); for (i = 0; i < row_width; i++) { *dp = (png_byte)((*sp >> shift) & 0x01); @@ -2199,7 +2202,7 @@ png_bytep sp = row + (png_size_t)((row_width - 1) >> 2); png_bytep dp = row + (png_size_t)row_width - 1; - png_uint_32 shift = (int)((3 - ((row_width + 3) & 0x03)) << 1); + png_uint_32 shift = ((3U - ((row_width + 3U) & 0x03)) << 1); for (i = 0; i < row_width; i++) { *dp = (png_byte)((*sp >> shift) & 0x03); @@ -2222,7 +2225,7 @@ { png_bytep sp = row + (png_size_t)((row_width - 1) >> 1); png_bytep dp = row + (png_size_t)row_width - 1; - png_uint_32 shift = (int)((1 - ((row_width + 1) & 0x01)) << 2); + png_uint_32 shift = ((1U - ((row_width + 1U) & 0x01)) << 2); for (i = 0; i < row_width; i++) { *dp = (png_byte)((*sp >> shift) & 0x0f); @@ -3248,7 +3251,8 @@ == png_ptr->trans_color.gray) { unsigned int tmp = *sp & (0x7f7f >> (7 - shift)); - tmp |= png_ptr->background.gray << shift; + tmp |= + (unsigned int)(png_ptr->background.gray << shift); *sp = (png_byte)(tmp & 0xff); } @@ -3277,7 +3281,8 @@ == png_ptr->trans_color.gray) { unsigned int tmp = *sp & (0x3f3f >> (6 - shift)); - tmp |= png_ptr->background.gray << shift; + tmp |= + (unsigned int)png_ptr->background.gray << shift; *sp = (png_byte)(tmp & 0xff); } @@ -3287,7 +3292,7 @@ unsigned int g = (gamma_table [p | (p << 2) | (p << 4) | (p << 6)] >> 6) & 0x03; unsigned int tmp = *sp & (0x3f3f >> (6 - shift)); - tmp |= g << shift; + tmp |= (unsigned int)(g << shift); *sp = (png_byte)(tmp & 0xff); } @@ -3313,7 +3318,8 @@ == png_ptr->trans_color.gray) { unsigned int tmp = *sp & (0x3f3f >> (6 - shift)); - tmp |= png_ptr->background.gray << shift; + tmp |= + (unsigned int)png_ptr->background.gray << shift; *sp = (png_byte)(tmp & 0xff); } @@ -3343,7 +3349,8 @@ == png_ptr->trans_color.gray) { unsigned int tmp = *sp & (0x0f0f >> (4 - shift)); - tmp |= png_ptr->background.gray << shift; + tmp |= + (unsigned int)(png_ptr->background.gray << shift); *sp = (png_byte)(tmp & 0xff); } @@ -3353,7 +3360,7 @@ unsigned int g = (gamma_table[p | (p << 4)] >> 4) & 0x0f; unsigned int tmp = *sp & (0x0f0f >> (4 - shift)); - tmp |= g << shift; + tmp |= (unsigned int)(g << shift); *sp = (png_byte)(tmp & 0xff); } @@ -3379,7 +3386,8 @@ == png_ptr->trans_color.gray) { unsigned int tmp = *sp & (0x0f0f >> (4 - shift)); - tmp |= png_ptr->background.gray << shift; + tmp |= + (unsigned int)(png_ptr->background.gray << shift); *sp = (png_byte)(tmp & 0xff); } @@ -4220,7 +4228,7 @@ */ static void png_do_expand_palette(png_row_infop row_info, png_bytep row, - png_const_colorp palette, png_const_bytep trans_alpha, int num_trans) + png_const_colorp palette, png_const_bytep trans_alpha, int num_trans) { int shift, value; png_bytep sp, dp; @@ -4527,7 +4535,7 @@ row_info->channels = 2; row_info->pixel_depth = (png_byte)(row_info->bit_depth << 1); row_info->rowbytes = PNG_ROWBYTES(row_info->pixel_depth, - row_width); + row_width); } } else if (row_info->color_type == PNG_COLOR_TYPE_RGB && @@ -4787,7 +4795,7 @@ (row_info->color_type == PNG_COLOR_TYPE_RGB_ALPHA || row_info->color_type == PNG_COLOR_TYPE_GRAY_ALPHA)) png_do_strip_channel(row_info, png_ptr->row_buf + 1, - 0 /* at_start == false, because SWAP_ALPHA happens later */); + 0 /* at_start == false, because SWAP_ALPHA happens later */); #endif #ifdef PNG_READ_RGB_TO_GRAY_SUPPORTED
--- a/src/share/native/sun/awt/libpng/pngrutil.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngrutil.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.20 [December 3, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.27 [January 5, 2017] + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -114,11 +114,11 @@ { png_uint_32 uval = png_get_uint_32(buf); if ((uval & 0x80000000) == 0) /* non-negative */ - return uval; + return (png_int_32)uval; uval = (uval ^ 0xffffffff) + 1; /* 2's complement: -x = ~x+1 */ if ((uval & 0x80000000) == 0) /* no overflow */ - return -(png_int_32)uval; + return -(png_int_32)uval; /* The following has to be safe; this function only gets called on PNG data * and if we get here that data is invalid. 0 is the most safe value and * if not then an attacker would surely just generate a PNG with 0 instead. @@ -398,11 +398,10 @@ */ { int ret; /* zlib return code */ -#if PNG_ZLIB_VERNUM >= 0x1240 +#if ZLIB_VERNUM >= 0x1240 + int window_bits = 0; # if defined(PNG_SET_OPTION_SUPPORTED) && defined(PNG_MAXIMUM_INFLATE_WINDOW) - int window_bits; - if (((png_ptr->options >> PNG_MAXIMUM_INFLATE_WINDOW) & 3) == PNG_OPTION_ON) { @@ -412,13 +411,11 @@ else { - window_bits = 0; png_ptr->zstream_start = 1; } -# else -# define window_bits 0 # endif -#endif + +#endif /* ZLIB_VERNUM >= 0x1240 */ /* Set this for safety, just in case the previous owner left pointers to * memory allocations. @@ -430,25 +427,32 @@ if ((png_ptr->flags & PNG_FLAG_ZSTREAM_INITIALIZED) != 0) { -#if PNG_ZLIB_VERNUM < 0x1240 +#if ZLIB_VERNUM >= 0x1240 + ret = inflateReset2(&png_ptr->zstream, window_bits); +#else ret = inflateReset(&png_ptr->zstream); -#else - ret = inflateReset2(&png_ptr->zstream, window_bits); #endif } else { -#if PNG_ZLIB_VERNUM < 0x1240 +#if ZLIB_VERNUM >= 0x1240 + ret = inflateInit2(&png_ptr->zstream, window_bits); +#else ret = inflateInit(&png_ptr->zstream); -#else - ret = inflateInit2(&png_ptr->zstream, window_bits); #endif if (ret == Z_OK) png_ptr->flags |= PNG_FLAG_ZSTREAM_INITIALIZED; } +#if ZLIB_VERNUM >= 0x1281 && \ + defined(PNG_SET_OPTION_SUPPORTED) && defined(PNG_IGNORE_ADLER32) + if (((png_ptr->options >> PNG_IGNORE_ADLER32) & 3) == PNG_OPTION_ON) + /* Turn off validation of the ADLER32 checksum in IDAT chunks */ + ret = inflateValidate(&png_ptr->zstream, 0); +#endif + if (ret == Z_OK) png_ptr->zowner = owner; @@ -463,7 +467,7 @@ #endif } -#if PNG_ZLIB_VERNUM >= 0x1240 +#if ZLIB_VERNUM >= 0x1240 /* Handle the start of the inflate stream if we called inflateInit2(strm,0); * in this case some zlib versions skip validation of the CINFO field and, in * certain circumstances, libpng may end up displaying an invalid image, in @@ -489,6 +493,7 @@ #endif /* Zlib >= 1.2.4 */ #ifdef PNG_READ_COMPRESSED_TEXT_SUPPORTED +#if defined(PNG_READ_zTXt_SUPPORTED) || defined (PNG_READ_iTXt_SUPPORTED) /* png_inflate now returns zlib error codes including Z_OK and Z_STREAM_END to * allow the caller to do multiple calls if required. If the 'finish' flag is * set Z_FINISH will be passed to the final inflate() call and Z_STREAM_END must @@ -627,9 +632,9 @@ */ static int png_decompress_chunk(png_structrp png_ptr, - png_uint_32 chunklength, png_uint_32 prefix_size, - png_alloc_size_t *newlength /* must be initialized to the maximum! */, - int terminate /*add a '\0' to the end of the uncompressed data*/) + png_uint_32 chunklength, png_uint_32 prefix_size, + png_alloc_size_t *newlength /* must be initialized to the maximum! */, + int terminate /*add a '\0' to the end of the uncompressed data*/) { /* TODO: implement different limits for different types of chunk. * @@ -666,8 +671,8 @@ png_uint_32 lzsize = chunklength - prefix_size; ret = png_inflate(png_ptr, png_ptr->chunk_name, 1/*finish*/, - /* input: */ png_ptr->read_buffer + prefix_size, &lzsize, - /* output: */ NULL, newlength); + /* input: */ png_ptr->read_buffer + prefix_size, &lzsize, + /* output: */ NULL, newlength); if (ret == Z_STREAM_END) { @@ -687,15 +692,15 @@ */ png_alloc_size_t new_size = *newlength; png_alloc_size_t buffer_size = prefix_size + new_size + - (terminate != 0); + (terminate != 0); png_bytep text = png_voidcast(png_bytep, png_malloc_base(png_ptr, - buffer_size)); + buffer_size)); if (text != NULL) { ret = png_inflate(png_ptr, png_ptr->chunk_name, 1/*finish*/, - png_ptr->read_buffer + prefix_size, &lzsize, - text + prefix_size, newlength); + png_ptr->read_buffer + prefix_size, &lzsize, + text + prefix_size, newlength); if (ret == Z_STREAM_END) { @@ -740,7 +745,7 @@ * the extra space may otherwise be used as a Trojan Horse. */ if (ret == Z_STREAM_END && - chunklength - prefix_size != lzsize) + chunklength - prefix_size != lzsize) png_chunk_benign_error(png_ptr, "extra compressed data"); } @@ -782,6 +787,7 @@ return Z_MEM_ERROR; } } +#endif /* READ_zTXt || READ_iTXt */ #endif /* READ_COMPRESSED_TEXT */ #ifdef PNG_READ_iCCP_SUPPORTED @@ -790,8 +796,8 @@ */ static int png_inflate_read(png_structrp png_ptr, png_bytep read_buffer, uInt read_size, - png_uint_32p chunk_bytes, png_bytep next_out, png_alloc_size_t *out_size, - int finish) + png_uint_32p chunk_bytes, png_bytep next_out, png_alloc_size_t *out_size, + int finish) { if (png_ptr->zowner == png_ptr->chunk_name) { @@ -830,8 +836,8 @@ * the available output is produced; this allows reading of truncated * streams. */ - ret = PNG_INFLATE(png_ptr, - *chunk_bytes > 0 ? Z_NO_FLUSH : (finish ? Z_FINISH : Z_SYNC_FLUSH)); + ret = PNG_INFLATE(png_ptr, *chunk_bytes > 0 ? + Z_NO_FLUSH : (finish ? Z_FINISH : Z_SYNC_FLUSH)); } while (ret == Z_OK && (*out_size > 0 || png_ptr->zstream.avail_out > 0)); @@ -849,7 +855,7 @@ return Z_STREAM_ERROR; } } -#endif +#endif /* READ_iCCP */ /* Read and check the IDHR chunk */ @@ -1037,7 +1043,7 @@ if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE) #endif { - png_crc_finish(png_ptr, (int) length - num * 3); + png_crc_finish(png_ptr, (png_uint_32) (length - (unsigned int)num * 3)); } #ifndef PNG_READ_OPT_PLTE_SUPPORTED @@ -1320,7 +1326,7 @@ png_ptr->colorspace.flags |= PNG_COLORSPACE_FROM_cHRM; (void)png_colorspace_set_chromaticities(png_ptr, &png_ptr->colorspace, &xy, - 1/*prefer cHRM values*/); + 1/*prefer cHRM values*/); png_colorspace_sync(png_ptr, info_ptr); } #endif @@ -1460,8 +1466,8 @@ png_ptr->zstream.next_in = (Bytef*)keyword + (keyword_length+2); png_ptr->zstream.avail_in = read_length; (void)png_inflate_read(png_ptr, local_buffer, - (sizeof local_buffer), &length, profile_header, &size, - 0/*finish: don't, because the output is too small*/); + (sizeof local_buffer), &length, profile_header, &size, + 0/*finish: don't, because the output is too small*/); if (size == 0) { @@ -1471,14 +1477,14 @@ png_get_uint_32(profile_header); if (png_icc_check_length(png_ptr, &png_ptr->colorspace, - keyword, profile_length) != 0) + keyword, profile_length) != 0) { /* The length is apparently ok, so we can check the 132 * byte header. */ if (png_icc_check_header(png_ptr, &png_ptr->colorspace, - keyword, profile_length, profile_header, - png_ptr->color_type) != 0) + keyword, profile_length, profile_header, + png_ptr->color_type) != 0) { /* Now read the tag table; a variable size buffer is * needed at this point, allocate one for the whole @@ -1486,20 +1492,20 @@ * that none of these stuff will overflow. */ const png_uint_32 tag_count = png_get_uint_32( - profile_header+128); + profile_header+128); png_bytep profile = png_read_buffer(png_ptr, - profile_length, 2/*silent*/); + profile_length, 2/*silent*/); if (profile != NULL) { memcpy(profile, profile_header, - (sizeof profile_header)); + (sizeof profile_header)); size = 12 * tag_count; (void)png_inflate_read(png_ptr, local_buffer, - (sizeof local_buffer), &length, - profile + (sizeof profile_header), &size, 0); + (sizeof local_buffer), &length, + profile + (sizeof profile_header), &size, 0); /* Still expect a buffer error because we expect * there to be some tag data! @@ -1507,22 +1513,22 @@ if (size == 0) { if (png_icc_check_tag_table(png_ptr, - &png_ptr->colorspace, keyword, profile_length, - profile) != 0) + &png_ptr->colorspace, keyword, profile_length, + profile) != 0) { /* The profile has been validated for basic * security issues, so read the whole thing in. */ size = profile_length - (sizeof profile_header) - - 12 * tag_count; + - 12 * tag_count; (void)png_inflate_read(png_ptr, local_buffer, - (sizeof local_buffer), &length, - profile + (sizeof profile_header) + - 12 * tag_count, &size, 1/*finish*/); + (sizeof local_buffer), &length, + profile + (sizeof profile_header) + + 12 * tag_count, &size, 1/*finish*/); if (length > 0 && !(png_ptr->flags & - PNG_FLAG_BENIGN_ERRORS_WARN)) + PNG_FLAG_BENIGN_ERRORS_WARN)) errmsg = "extra compressed data"; /* But otherwise allow extra data: */ @@ -1534,34 +1540,34 @@ * keep going. */ png_chunk_warning(png_ptr, - "extra compressed data"); + "extra compressed data"); } png_crc_finish(png_ptr, length); finished = 1; -# ifdef PNG_sRGB_SUPPORTED +# if defined(PNG_sRGB_SUPPORTED) && PNG_sRGB_PROFILE_CHECKS >= 0 /* Check for a match against sRGB */ png_icc_set_sRGB(png_ptr, - &png_ptr->colorspace, profile, - png_ptr->zstream.adler); -# endif + &png_ptr->colorspace, profile, + png_ptr->zstream.adler); +# endif /* Steal the profile for info_ptr. */ if (info_ptr != NULL) { png_free_data(png_ptr, info_ptr, - PNG_FREE_ICCP, 0); + PNG_FREE_ICCP, 0); info_ptr->iccp_name = png_voidcast(char*, - png_malloc_base(png_ptr, - keyword_length+1)); + png_malloc_base(png_ptr, + keyword_length+1)); if (info_ptr->iccp_name != NULL) { memcpy(info_ptr->iccp_name, keyword, - keyword_length+1); + keyword_length+1); info_ptr->iccp_proflen = - profile_length; + profile_length; info_ptr->iccp_profile = profile; png_ptr->read_buffer = NULL; /*steal*/ info_ptr->free_me |= PNG_FREE_ICCP; @@ -1743,13 +1749,13 @@ data_length = length - (png_uint_32)(entry_start - buffer); /* Integrity-check the data length */ - if ((data_length % entry_size) != 0) + if ((data_length % (unsigned int)entry_size) != 0) { png_warning(png_ptr, "sPLT chunk has bad length"); return; } - dl = (png_int_32)(data_length / entry_size); + dl = (png_uint_32)(data_length / (unsigned int)entry_size); max_dl = PNG_SIZE_MAX / (sizeof (png_sPLT_entry)); if (dl > max_dl) @@ -1758,10 +1764,10 @@ return; } - new_palette.nentries = (png_int_32)(data_length / entry_size); - - new_palette.entries = (png_sPLT_entryp)png_malloc_warn( - png_ptr, new_palette.nentries * (sizeof (png_sPLT_entry))); + new_palette.nentries = (png_int_32)(data_length / (unsigned int)entry_size); + + new_palette.entries = (png_sPLT_entryp)png_malloc_warn(png_ptr, + (png_alloc_size_t) new_palette.nentries * (sizeof (png_sPLT_entry))); if (new_palette.entries == NULL) { @@ -2298,7 +2304,7 @@ } png_set_pCAL(png_ptr, info_ptr, (png_charp)buffer, X0, X1, type, nparams, - (png_charp)units, params); + (png_charp)units, params); png_free(png_ptr, params); } @@ -2341,7 +2347,7 @@ } png_debug1(2, "Allocating and reading sCAL chunk data (%u bytes)", - length + 1); + length + 1); buffer = png_read_buffer(png_ptr, length+1, 2/*silent*/); @@ -2393,7 +2399,7 @@ else /* This is the (only) success case. */ png_set_sCAL_s(png_ptr, info_ptr, buffer[0], - (png_charp)buffer+1, (png_charp)buffer+heighti); + (png_charp)buffer+1, (png_charp)buffer+heighti); } } #endif @@ -2493,8 +2499,8 @@ if (buffer == NULL) { - png_chunk_benign_error(png_ptr, "out of memory"); - return; + png_chunk_benign_error(png_ptr, "out of memory"); + return; } png_crc_read(png_ptr, buffer, length); @@ -2601,7 +2607,7 @@ * and text chunks. */ if (png_decompress_chunk(png_ptr, length, keyword_length+2, - &uncompressed_length, 1/*terminate*/) == Z_STREAM_END) + &uncompressed_length, 1/*terminate*/) == Z_STREAM_END) { png_text text; @@ -2741,7 +2747,7 @@ * iCCP and text chunks. */ if (png_decompress_chunk(png_ptr, length, prefix_length, - &uncompressed_length, 1/*terminate*/) == Z_STREAM_END) + &uncompressed_length, 1/*terminate*/) == Z_STREAM_END) buffer = png_ptr->read_buffer; else @@ -2821,7 +2827,7 @@ { /* Do a 'warn' here - it is handled below. */ png_ptr->unknown_chunk.data = png_voidcast(png_bytep, - png_malloc_warn(png_ptr, length)); + png_malloc_warn(png_ptr, length)); } } @@ -2846,7 +2852,7 @@ /* Handle an unknown, or known but disabled, chunk */ void /* PRIVATE */ png_handle_unknown(png_structrp png_ptr, png_inforp info_ptr, - png_uint_32 length, int keep) + png_uint_32 length, int keep) { int handled = 0; /* the chunk was handled */ @@ -2884,7 +2890,7 @@ { /* Callback to user unknown chunk handler */ int ret = (*(png_ptr->read_user_chunk_fn))(png_ptr, - &png_ptr->unknown_chunk); + &png_ptr->unknown_chunk); /* ret is: * negative: An error occurred; png_chunk_error will be called. @@ -2918,9 +2924,9 @@ { png_chunk_warning(png_ptr, "Saving unknown chunk:"); png_app_warning(png_ptr, - "forcing save of an unhandled chunk;" - " please call png_set_keep_unknown_chunks"); - /* with keep = PNG_HANDLE_CHUNK_IF_SAFE */ + "forcing save of an unhandled chunk;" + " please call png_set_keep_unknown_chunks"); + /* with keep = PNG_HANDLE_CHUNK_IF_SAFE */ } # endif keep = PNG_HANDLE_CHUNK_IF_SAFE; @@ -3013,7 +3019,7 @@ * out; store the chunk. */ png_set_unknown_chunks(png_ptr, info_ptr, - &png_ptr->unknown_chunk, 1); + &png_ptr->unknown_chunk, 1); handled = 1; # ifdef PNG_USER_LIMITS_SUPPORTED break; @@ -3125,7 +3131,7 @@ # ifdef PNG_READ_PACKSWAP_SUPPORTED if ((png_ptr->transformations & PNG_PACKSWAP) != 0) /* little-endian byte */ - end_mask = 0xff << end_mask; + end_mask = (unsigned int)(0xff << end_mask); else /* big-endian byte */ # endif @@ -3446,8 +3452,8 @@ /* Everything is aligned for png_uint_16 copies, but try for * png_uint_32 first. */ - if (png_isaligned(dp, png_uint_32) != 0 && - png_isaligned(sp, png_uint_32) != 0 && + if (png_isaligned(dp, png_uint_32) && + png_isaligned(sp, png_uint_32) && bytes_to_copy % (sizeof (png_uint_32)) == 0 && bytes_to_jump % (sizeof (png_uint_32)) == 0) { @@ -3567,11 +3573,11 @@ #ifdef PNG_READ_INTERLACING_SUPPORTED void /* PRIVATE */ png_do_read_interlace(png_row_infop row_info, png_bytep row, int pass, - png_uint_32 transformations /* Because these may affect the byte layout */) + png_uint_32 transformations /* Because these may affect the byte layout */) { /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ /* Offset to next interlace block */ - static PNG_CONST int png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; + static PNG_CONST unsigned int png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; png_debug(1, "in png_do_read_interlace"); if (row != NULL && row_info != NULL) @@ -3586,9 +3592,10 @@ { png_bytep sp = row + (png_size_t)((row_info->width - 1) >> 3); png_bytep dp = row + (png_size_t)((final_width - 1) >> 3); - int sshift, dshift; - int s_start, s_end, s_inc; - int jstop = png_pass_inc[pass]; + unsigned int sshift, dshift; + unsigned int s_start, s_end; + int s_inc; + int jstop = (int)png_pass_inc[pass]; png_byte v; png_uint_32 i; int j; @@ -3596,8 +3603,8 @@ #ifdef PNG_READ_PACKSWAP_SUPPORTED if ((transformations & PNG_PACKSWAP) != 0) { - sshift = (int)((row_info->width + 7) & 0x07); - dshift = (int)((final_width + 7) & 0x07); + sshift = ((row_info->width + 7) & 0x07); + dshift = ((final_width + 7) & 0x07); s_start = 7; s_end = 0; s_inc = -1; @@ -3606,8 +3613,8 @@ else #endif { - sshift = 7 - (int)((row_info->width + 7) & 0x07); - dshift = 7 - (int)((final_width + 7) & 0x07); + sshift = 7 - ((row_info->width + 7) & 0x07); + dshift = 7 - ((final_width + 7) & 0x07); s_start = 0; s_end = 7; s_inc = 1; @@ -3619,7 +3626,7 @@ for (j = 0; j < jstop; j++) { unsigned int tmp = *dp & (0x7f7f >> (7 - dshift)); - tmp |= v << dshift; + tmp |= (unsigned int)(v << dshift); *dp = (png_byte)(tmp & 0xff); if (dshift == s_end) @@ -3629,7 +3636,7 @@ } else - dshift += s_inc; + dshift = (unsigned int)((int)dshift + s_inc); } if (sshift == s_end) @@ -3639,7 +3646,7 @@ } else - sshift += s_inc; + sshift = (unsigned int)((int)sshift + s_inc); } break; } @@ -3648,16 +3655,17 @@ { png_bytep sp = row + (png_uint_32)((row_info->width - 1) >> 2); png_bytep dp = row + (png_uint_32)((final_width - 1) >> 2); - int sshift, dshift; - int s_start, s_end, s_inc; - int jstop = png_pass_inc[pass]; + unsigned int sshift, dshift; + unsigned int s_start, s_end; + int s_inc; + int jstop = (int)png_pass_inc[pass]; png_uint_32 i; #ifdef PNG_READ_PACKSWAP_SUPPORTED if ((transformations & PNG_PACKSWAP) != 0) { - sshift = (int)(((row_info->width + 3) & 0x03) << 1); - dshift = (int)(((final_width + 3) & 0x03) << 1); + sshift = (((row_info->width + 3) & 0x03) << 1); + dshift = (((final_width + 3) & 0x03) << 1); s_start = 6; s_end = 0; s_inc = -2; @@ -3666,8 +3674,8 @@ else #endif { - sshift = (int)((3 - ((row_info->width + 3) & 0x03)) << 1); - dshift = (int)((3 - ((final_width + 3) & 0x03)) << 1); + sshift = ((3 - ((row_info->width + 3) & 0x03)) << 1); + dshift = ((3 - ((final_width + 3) & 0x03)) << 1); s_start = 0; s_end = 6; s_inc = 2; @@ -3682,7 +3690,7 @@ for (j = 0; j < jstop; j++) { unsigned int tmp = *dp & (0x3f3f >> (6 - dshift)); - tmp |= v << dshift; + tmp |= (unsigned int)(v << dshift); *dp = (png_byte)(tmp & 0xff); if (dshift == s_end) @@ -3692,7 +3700,7 @@ } else - dshift += s_inc; + dshift = (unsigned int)((int)dshift + s_inc); } if (sshift == s_end) @@ -3702,7 +3710,7 @@ } else - sshift += s_inc; + sshift = (unsigned int)((int)sshift + s_inc); } break; } @@ -3711,16 +3719,17 @@ { png_bytep sp = row + (png_size_t)((row_info->width - 1) >> 1); png_bytep dp = row + (png_size_t)((final_width - 1) >> 1); - int sshift, dshift; - int s_start, s_end, s_inc; + unsigned int sshift, dshift; + unsigned int s_start, s_end; + int s_inc; png_uint_32 i; - int jstop = png_pass_inc[pass]; + int jstop = (int)png_pass_inc[pass]; #ifdef PNG_READ_PACKSWAP_SUPPORTED if ((transformations & PNG_PACKSWAP) != 0) { - sshift = (int)(((row_info->width + 1) & 0x01) << 2); - dshift = (int)(((final_width + 1) & 0x01) << 2); + sshift = (((row_info->width + 1) & 0x01) << 2); + dshift = (((final_width + 1) & 0x01) << 2); s_start = 4; s_end = 0; s_inc = -4; @@ -3729,8 +3738,8 @@ else #endif { - sshift = (int)((1 - ((row_info->width + 1) & 0x01)) << 2); - dshift = (int)((1 - ((final_width + 1) & 0x01)) << 2); + sshift = ((1 - ((row_info->width + 1) & 0x01)) << 2); + dshift = ((1 - ((final_width + 1) & 0x01)) << 2); s_start = 0; s_end = 4; s_inc = 4; @@ -3744,7 +3753,7 @@ for (j = 0; j < jstop; j++) { unsigned int tmp = *dp & (0xf0f >> (4 - dshift)); - tmp |= v << dshift; + tmp |= (unsigned int)(v << dshift); *dp = (png_byte)(tmp & 0xff); if (dshift == s_end) @@ -3754,7 +3763,7 @@ } else - dshift += s_inc; + dshift = (unsigned int)((int)dshift + s_inc); } if (sshift == s_end) @@ -3764,7 +3773,7 @@ } else - sshift += s_inc; + sshift = (unsigned int)((int)sshift + s_inc); } break; } @@ -3778,7 +3787,7 @@ png_bytep dp = row + (png_size_t)(final_width - 1) * pixel_bytes; - int jstop = png_pass_inc[pass]; + int jstop = (int)png_pass_inc[pass]; png_uint_32 i; for (i = 0; i < row_info->width; i++) @@ -3811,7 +3820,7 @@ static void png_read_filter_row_sub(png_row_infop row_info, png_bytep row, - png_const_bytep prev_row) + png_const_bytep prev_row) { png_size_t i; png_size_t istop = row_info->rowbytes; @@ -3829,7 +3838,7 @@ static void png_read_filter_row_up(png_row_infop row_info, png_bytep row, - png_const_bytep prev_row) + png_const_bytep prev_row) { png_size_t i; png_size_t istop = row_info->rowbytes; @@ -3845,7 +3854,7 @@ static void png_read_filter_row_avg(png_row_infop row_info, png_bytep row, - png_const_bytep prev_row) + png_const_bytep prev_row) { png_size_t i; png_bytep rp = row; @@ -3872,7 +3881,7 @@ static void png_read_filter_row_paeth_1byte_pixel(png_row_infop row_info, png_bytep row, - png_const_bytep prev_row) + png_const_bytep prev_row) { png_bytep rp_end = row + row_info->rowbytes; int a, c; @@ -3920,9 +3929,9 @@ static void png_read_filter_row_paeth_multibyte_pixel(png_row_infop row_info, png_bytep row, - png_const_bytep prev_row) + png_const_bytep prev_row) { - int bpp = (row_info->pixel_depth + 7) >> 3; + unsigned int bpp = (row_info->pixel_depth + 7) >> 3; png_bytep rp_end = row + bpp; /* Process the first pixel in the row completely (this is the same as 'up' @@ -3935,7 +3944,7 @@ } /* Remainder */ - rp_end += row_info->rowbytes - bpp; + rp_end = rp_end + (row_info->rowbytes - bpp); while (row < rp_end) { @@ -4005,7 +4014,7 @@ void /* PRIVATE */ png_read_filter_row(png_structrp pp, png_row_infop row_info, png_bytep row, - png_const_bytep prev_row, int filter) + png_const_bytep prev_row, int filter) { /* OPTIMIZATION: DO NOT MODIFY THIS FUNCTION, instead #define * PNG_FILTER_OPTIMIZATIONS to a function that overrides the generic @@ -4023,7 +4032,7 @@ #ifdef PNG_SEQUENTIAL_READ_SUPPORTED void /* PRIVATE */ png_read_IDAT_data(png_structrp png_ptr, png_bytep output, - png_alloc_size_t avail_out) + png_alloc_size_t avail_out) { /* Loop reading IDATs and decompressing the result into output[avail_out] */ png_ptr->zstream.next_out = output; @@ -4280,7 +4289,7 @@ /* Offset to next interlace block in the y direction */ static PNG_CONST png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; - int max_pixel_depth; + unsigned int max_pixel_depth; png_size_t row_bytes; png_debug(1, "in png_read_start_row"); @@ -4309,7 +4318,7 @@ png_ptr->iwidth = png_ptr->width; } - max_pixel_depth = png_ptr->pixel_depth; + max_pixel_depth = (unsigned int)png_ptr->pixel_depth; /* WARNING: * png_read_transform_info (pngrtran.c) performs a simpler set of * calculations to calculate the final pixel depth, then @@ -4444,7 +4453,7 @@ defined(PNG_USER_TRANSFORM_PTR_SUPPORTED) if ((png_ptr->transformations & PNG_USER_TRANSFORM) != 0) { - int user_pixel_depth = png_ptr->user_transform_depth * + unsigned int user_pixel_depth = png_ptr->user_transform_depth * png_ptr->user_transform_channels; if (user_pixel_depth > max_pixel_depth) @@ -4466,7 +4475,7 @@ * for safety's sake */ row_bytes = PNG_ROWBYTES(max_pixel_depth, row_bytes) + - 1 + ((max_pixel_depth + 7) >> 3); + 1 + ((max_pixel_depth + 7) >> 3U); #ifdef PNG_MAX_MALLOC_64K if (row_bytes > (png_uint_32)65536L) @@ -4475,42 +4484,42 @@ if (row_bytes + 48 > png_ptr->old_big_row_buf_size) { - png_free(png_ptr, png_ptr->big_row_buf); - png_free(png_ptr, png_ptr->big_prev_row); - - if (png_ptr->interlaced != 0) - png_ptr->big_row_buf = (png_bytep)png_calloc(png_ptr, - row_bytes + 48); - - else - png_ptr->big_row_buf = (png_bytep)png_malloc(png_ptr, row_bytes + 48); - - png_ptr->big_prev_row = (png_bytep)png_malloc(png_ptr, row_bytes + 48); + png_free(png_ptr, png_ptr->big_row_buf); + png_free(png_ptr, png_ptr->big_prev_row); + + if (png_ptr->interlaced != 0) + png_ptr->big_row_buf = (png_bytep)png_calloc(png_ptr, + row_bytes + 48); + + else + png_ptr->big_row_buf = (png_bytep)png_malloc(png_ptr, row_bytes + 48); + + png_ptr->big_prev_row = (png_bytep)png_malloc(png_ptr, row_bytes + 48); #ifdef PNG_ALIGNED_MEMORY_SUPPORTED - /* Use 16-byte aligned memory for row_buf with at least 16 bytes - * of padding before and after row_buf; treat prev_row similarly. - * NOTE: the alignment is to the start of the pixels, one beyond the start - * of the buffer, because of the filter byte. Prior to libpng 1.5.6 this - * was incorrect; the filter byte was aligned, which had the exact - * opposite effect of that intended. - */ - { - png_bytep temp = png_ptr->big_row_buf + 32; - int extra = (int)((temp - (png_bytep)0) & 0x0f); - png_ptr->row_buf = temp - extra - 1/*filter byte*/; - - temp = png_ptr->big_prev_row + 32; - extra = (int)((temp - (png_bytep)0) & 0x0f); - png_ptr->prev_row = temp - extra - 1/*filter byte*/; - } + /* Use 16-byte aligned memory for row_buf with at least 16 bytes + * of padding before and after row_buf; treat prev_row similarly. + * NOTE: the alignment is to the start of the pixels, one beyond the start + * of the buffer, because of the filter byte. Prior to libpng 1.5.6 this + * was incorrect; the filter byte was aligned, which had the exact + * opposite effect of that intended. + */ + { + png_bytep temp = png_ptr->big_row_buf + 32; + int extra = (int)((temp - (png_bytep)0) & 0x0f); + png_ptr->row_buf = temp - extra - 1/*filter byte*/; + + temp = png_ptr->big_prev_row + 32; + extra = (int)((temp - (png_bytep)0) & 0x0f); + png_ptr->prev_row = temp - extra - 1/*filter byte*/; + } #else - /* Use 31 bytes of padding before and 17 bytes after row_buf. */ - png_ptr->row_buf = png_ptr->big_row_buf + 31; - png_ptr->prev_row = png_ptr->big_prev_row + 31; + /* Use 31 bytes of padding before and 17 bytes after row_buf. */ + png_ptr->row_buf = png_ptr->big_row_buf + 31; + png_ptr->prev_row = png_ptr->big_prev_row + 31; #endif - png_ptr->old_big_row_buf_size = row_bytes + 48; + png_ptr->old_big_row_buf_size = row_bytes + 48; } #ifdef PNG_MAX_MALLOC_64K @@ -4535,7 +4544,7 @@ * does not, so free the read buffer now regardless; the sequential reader * reallocates it on demand. */ - if (png_ptr->read_buffer != 0) + if (png_ptr->read_buffer != NULL) { png_bytep buffer = png_ptr->read_buffer;
--- a/src/share/native/sun/awt/libpng/pngset.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngset.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.19 [November 12, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.26 [October 20, 2016] + * Copyright (c) 1998-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -132,14 +132,14 @@ double green_x, double green_y, double blue_x, double blue_y) { png_set_cHRM_fixed(png_ptr, info_ptr, - png_fixed(png_ptr, white_x, "cHRM White X"), - png_fixed(png_ptr, white_y, "cHRM White Y"), - png_fixed(png_ptr, red_x, "cHRM Red X"), - png_fixed(png_ptr, red_y, "cHRM Red Y"), - png_fixed(png_ptr, green_x, "cHRM Green X"), - png_fixed(png_ptr, green_y, "cHRM Green Y"), - png_fixed(png_ptr, blue_x, "cHRM Blue X"), - png_fixed(png_ptr, blue_y, "cHRM Blue Y")); + png_fixed(png_ptr, white_x, "cHRM White X"), + png_fixed(png_ptr, white_y, "cHRM White Y"), + png_fixed(png_ptr, red_x, "cHRM Red X"), + png_fixed(png_ptr, red_y, "cHRM Red Y"), + png_fixed(png_ptr, green_x, "cHRM Green X"), + png_fixed(png_ptr, green_y, "cHRM Green Y"), + png_fixed(png_ptr, blue_x, "cHRM Blue X"), + png_fixed(png_ptr, blue_y, "cHRM Blue Y")); } void PNGAPI @@ -148,15 +148,15 @@ double blue_X, double blue_Y, double blue_Z) { png_set_cHRM_XYZ_fixed(png_ptr, info_ptr, - png_fixed(png_ptr, red_X, "cHRM Red X"), - png_fixed(png_ptr, red_Y, "cHRM Red Y"), - png_fixed(png_ptr, red_Z, "cHRM Red Z"), - png_fixed(png_ptr, green_X, "cHRM Green X"), - png_fixed(png_ptr, green_Y, "cHRM Green Y"), - png_fixed(png_ptr, green_Z, "cHRM Green Z"), - png_fixed(png_ptr, blue_X, "cHRM Blue X"), - png_fixed(png_ptr, blue_Y, "cHRM Blue Y"), - png_fixed(png_ptr, blue_Z, "cHRM Blue Z")); + png_fixed(png_ptr, red_X, "cHRM Red X"), + png_fixed(png_ptr, red_Y, "cHRM Red Y"), + png_fixed(png_ptr, red_Z, "cHRM Red Z"), + png_fixed(png_ptr, green_X, "cHRM Green X"), + png_fixed(png_ptr, green_Y, "cHRM Green Y"), + png_fixed(png_ptr, green_Z, "cHRM Green Z"), + png_fixed(png_ptr, blue_X, "cHRM Blue X"), + png_fixed(png_ptr, blue_Y, "cHRM Blue Y"), + png_fixed(png_ptr, blue_Z, "cHRM Blue Z")); } # endif /* FLOATING_POINT */ @@ -311,17 +311,29 @@ /* Check that the type matches the specification. */ if (type < 0 || type > 3) - png_error(png_ptr, "Invalid pCAL equation type"); + { + png_chunk_report(png_ptr, "Invalid pCAL equation type", + PNG_CHUNK_WRITE_ERROR); + return; + } if (nparams < 0 || nparams > 255) - png_error(png_ptr, "Invalid pCAL parameter count"); + { + png_chunk_report(png_ptr, "Invalid pCAL parameter count", + PNG_CHUNK_WRITE_ERROR); + return; + } /* Validate params[nparams] */ for (i=0; i<nparams; ++i) { if (params[i] == NULL || !png_check_fp_string(params[i], strlen(params[i]))) - png_error(png_ptr, "Invalid format for pCAL parameter"); + { + png_chunk_report(png_ptr, "Invalid format for pCAL parameter", + PNG_CHUNK_WRITE_ERROR); + return; + } } info_ptr->pcal_purpose = png_voidcast(png_charp, @@ -329,8 +341,8 @@ if (info_ptr->pcal_purpose == NULL) { - png_warning(png_ptr, "Insufficient memory for pCAL purpose"); - + png_chunk_report(png_ptr, "Insufficient memory for pCAL purpose", + PNG_CHUNK_WRITE_ERROR); return; } @@ -344,10 +356,10 @@ length = strlen(units) + 1; png_debug1(3, "allocating units for info (%lu bytes)", - (unsigned long)length); + (unsigned long)length); info_ptr->pcal_units = png_voidcast(png_charp, - png_malloc_warn(png_ptr, length)); + png_malloc_warn(png_ptr, length)); if (info_ptr->pcal_units == NULL) { @@ -359,7 +371,7 @@ memcpy(info_ptr->pcal_units, units, length); info_ptr->pcal_params = png_voidcast(png_charpp, png_malloc_warn(png_ptr, - (png_size_t)((nparams + 1) * (sizeof (png_charp))))); + (png_size_t)(((unsigned int)nparams + 1) * (sizeof (png_charp))))); if (info_ptr->pcal_params == NULL) { @@ -368,7 +380,8 @@ return; } - memset(info_ptr->pcal_params, 0, (nparams + 1) * (sizeof (png_charp))); + memset(info_ptr->pcal_params, 0, ((unsigned int)nparams + 1) * + (sizeof (png_charp))); for (i = 0; i < nparams; i++) { @@ -426,7 +439,7 @@ png_debug1(3, "allocating unit for info (%u bytes)", (unsigned int)lengthw); info_ptr->scal_s_width = png_voidcast(png_charp, - png_malloc_warn(png_ptr, lengthw)); + png_malloc_warn(png_ptr, lengthw)); if (info_ptr->scal_s_width == NULL) { @@ -442,7 +455,7 @@ png_debug1(3, "allocating unit for info (%u bytes)", (unsigned int)lengthh); info_ptr->scal_s_height = png_voidcast(png_charp, - png_malloc_warn(png_ptr, lengthh)); + png_malloc_warn(png_ptr, lengthh)); if (info_ptr->scal_s_height == NULL) { @@ -481,9 +494,9 @@ char sheight[PNG_sCAL_MAX_DIGITS+1]; png_ascii_from_fp(png_ptr, swidth, (sizeof swidth), width, - PNG_sCAL_PRECISION); + PNG_sCAL_PRECISION); png_ascii_from_fp(png_ptr, sheight, (sizeof sheight), height, - PNG_sCAL_PRECISION); + PNG_sCAL_PRECISION); png_set_sCAL_s(png_ptr, info_ptr, unit, swidth, sheight); } @@ -591,7 +604,8 @@ PNG_MAX_PALETTE_LENGTH * (sizeof (png_color)))); if (num_palette > 0) - memcpy(png_ptr->palette, palette, num_palette * (sizeof (png_color))); + memcpy(png_ptr->palette, palette, (unsigned int)num_palette * + (sizeof (png_color))); info_ptr->palette = png_ptr->palette; info_ptr->num_palette = png_ptr->num_palette = (png_uint_16)num_palette; @@ -676,7 +690,7 @@ */ { int result = png_colorspace_set_ICC(png_ptr, &info_ptr->colorspace, name, - proflen, profile, info_ptr->color_type); + proflen, profile, info_ptr->color_type); png_colorspace_sync_info(png_ptr, info_ptr); @@ -701,7 +715,7 @@ memcpy(new_iccp_name, name, length); new_iccp_profile = png_voidcast(png_bytep, - png_malloc_warn(png_ptr, proflen)); + png_malloc_warn(png_ptr, proflen)); if (new_iccp_profile == NULL) { @@ -776,14 +790,14 @@ * the overflow checks. */ new_text = png_voidcast(png_textp,png_realloc_array(png_ptr, - info_ptr->text, old_num_text, max_text-old_num_text, - sizeof *new_text)); + info_ptr->text, old_num_text, max_text-old_num_text, + sizeof *new_text)); } if (new_text == NULL) { png_chunk_report(png_ptr, "too many text chunks", - PNG_CHUNK_WRITE_ERROR); + PNG_CHUNK_WRITE_ERROR); return 1; } @@ -811,7 +825,7 @@ text_ptr[i].compression >= PNG_TEXT_COMPRESSION_LAST) { png_chunk_report(png_ptr, "text compression mode is out of range", - PNG_CHUNK_WRITE_ERROR); + PNG_CHUNK_WRITE_ERROR); continue; } @@ -843,7 +857,7 @@ # else /* iTXt */ { png_chunk_report(png_ptr, "iTXt chunk not supported", - PNG_CHUNK_WRITE_ERROR); + PNG_CHUNK_WRITE_ERROR); continue; } # endif @@ -872,7 +886,7 @@ if (textp->key == NULL) { png_chunk_report(png_ptr, "text chunk: out of memory", - PNG_CHUNK_WRITE_ERROR); + PNG_CHUNK_WRITE_ERROR); return 1; } @@ -980,12 +994,14 @@ png_free_data(png_ptr, info_ptr, PNG_FREE_TRNS, 0); - /* Changed from num_trans to PNG_MAX_PALETTE_LENGTH in version 1.2.1 */ - png_ptr->trans_alpha = info_ptr->trans_alpha = png_voidcast(png_bytep, - png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH)); - if (num_trans > 0 && num_trans <= PNG_MAX_PALETTE_LENGTH) + { + /* Changed from num_trans to PNG_MAX_PALETTE_LENGTH in version 1.2.1 */ + info_ptr->trans_alpha = png_voidcast(png_bytep, + png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH)); memcpy(info_ptr->trans_alpha, trans_alpha, (png_size_t)num_trans); + } + png_ptr->trans_alpha = info_ptr->trans_alpha; } if (trans_color != NULL) @@ -1002,7 +1018,7 @@ trans_color->green > sample_max || trans_color->blue > sample_max))) png_warning(png_ptr, - "tRNS chunk has out-of-range samples for bit_depth"); + "tRNS chunk has out-of-range samples for bit_depth"); } #endif @@ -1044,8 +1060,8 @@ * overflows. Notice that the parameters are (int) and (size_t) */ np = png_voidcast(png_sPLT_tp,png_realloc_array(png_ptr, - info_ptr->splt_palettes, info_ptr->splt_palettes_num, nentries, - sizeof *np)); + info_ptr->splt_palettes, info_ptr->splt_palettes_num, nentries, + sizeof *np)); if (np == NULL) { @@ -1106,7 +1122,7 @@ * checked it when doing the allocation. */ memcpy(np->entries, entries->entries, - entries->nentries * sizeof (png_sPLT_entry)); + (unsigned int)entries->nentries * sizeof (png_sPLT_entry)); /* Note that 'continue' skips the advance of the out pointer and out * count, so an invalid entry is not added. @@ -1136,10 +1152,10 @@ { /* Write struct, so unknown chunks come from the app */ png_app_warning(png_ptr, - "png_set_unknown_chunks now expects a valid location"); + "png_set_unknown_chunks now expects a valid location"); /* Use the old behavior */ location = (png_byte)(png_ptr->mode & - (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT)); + (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT)); } /* This need not be an internal error - if the app calls @@ -1162,7 +1178,7 @@ void PNGAPI png_set_unknown_chunks(png_const_structrp png_ptr, - png_inforp info_ptr, png_const_unknown_chunkp unknowns, int num_unknowns) + png_inforp info_ptr, png_const_unknown_chunkp unknowns, int num_unknowns) { png_unknown_chunkp np; @@ -1201,13 +1217,13 @@ * appropriate to read or write. */ np = png_voidcast(png_unknown_chunkp, png_realloc_array(png_ptr, - info_ptr->unknown_chunks, info_ptr->unknown_chunks_num, num_unknowns, - sizeof *np)); + info_ptr->unknown_chunks, info_ptr->unknown_chunks_num, num_unknowns, + sizeof *np)); if (np == NULL) { png_chunk_report(png_ptr, "too many unknown chunks", - PNG_CHUNK_WRITE_ERROR); + PNG_CHUNK_WRITE_ERROR); return; } @@ -1236,12 +1252,12 @@ else { np->data = png_voidcast(png_bytep, - png_malloc_base(png_ptr, unknowns->size)); + png_malloc_base(png_ptr, unknowns->size)); if (np->data == NULL) { png_chunk_report(png_ptr, "unknown chunk: out of memory", - PNG_CHUNK_WRITE_ERROR); + PNG_CHUNK_WRITE_ERROR); /* But just skip storing the unknown chunk */ continue; } @@ -1275,7 +1291,7 @@ { png_app_error(png_ptr, "invalid unknown chunk location"); /* Fake out the pre 1.6.0 behavior: */ - if ((location & PNG_HAVE_IDAT) != 0) /* undocumented! */ + if (((unsigned int)location & PNG_HAVE_IDAT) != 0) /* undocumented! */ location = PNG_AFTER_IDAT; else @@ -1399,7 +1415,7 @@ return; } - num_chunks = num_chunks_in; + num_chunks = (unsigned int)num_chunks_in; } old_num_chunks = png_ptr->num_chunk_list; @@ -1448,7 +1464,7 @@ for (i=0; i<num_chunks; ++i) { old_num_chunks = add_one_chunk(new_list, old_num_chunks, - chunk_list+5*i, keep); + chunk_list+5*i, keep); } /* Now remove any spurious 'default' entries. */ @@ -1528,60 +1544,60 @@ void PNGAPI png_set_compression_buffer_size(png_structrp png_ptr, png_size_t size) { - if (png_ptr == NULL) - return; + if (png_ptr == NULL) + return; - if (size == 0 || size > PNG_UINT_31_MAX) - png_error(png_ptr, "invalid compression buffer size"); + if (size == 0 || size > PNG_UINT_31_MAX) + png_error(png_ptr, "invalid compression buffer size"); # ifdef PNG_SEQUENTIAL_READ_SUPPORTED - if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) - { - png_ptr->IDAT_read_size = (png_uint_32)size; /* checked above */ - return; - } + if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) + { + png_ptr->IDAT_read_size = (png_uint_32)size; /* checked above */ + return; + } # endif # ifdef PNG_WRITE_SUPPORTED - if ((png_ptr->mode & PNG_IS_READ_STRUCT) == 0) + if ((png_ptr->mode & PNG_IS_READ_STRUCT) == 0) + { + if (png_ptr->zowner != 0) { - if (png_ptr->zowner != 0) - { - png_warning(png_ptr, - "Compression buffer size cannot be changed because it is in use"); + png_warning(png_ptr, + "Compression buffer size cannot be changed because it is in use"); - return; - } + return; + } #ifndef __COVERITY__ - /* Some compilers complain that this is always false. However, it - * can be true when integer overflow happens. - */ - if (size > ZLIB_IO_MAX) - { - png_warning(png_ptr, - "Compression buffer size limited to system maximum"); - size = ZLIB_IO_MAX; /* must fit */ - } + /* Some compilers complain that this is always false. However, it + * can be true when integer overflow happens. + */ + if (size > ZLIB_IO_MAX) + { + png_warning(png_ptr, + "Compression buffer size limited to system maximum"); + size = ZLIB_IO_MAX; /* must fit */ + } #endif - if (size < 6) - { - /* Deflate will potentially go into an infinite loop on a SYNC_FLUSH - * if this is permitted. - */ - png_warning(png_ptr, - "Compression buffer size cannot be reduced below 6"); + if (size < 6) + { + /* Deflate will potentially go into an infinite loop on a SYNC_FLUSH + * if this is permitted. + */ + png_warning(png_ptr, + "Compression buffer size cannot be reduced below 6"); - return; - } + return; + } - if (png_ptr->zbuffer_size != size) - { - png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list); - png_ptr->zbuffer_size = (uInt)size; - } + if (png_ptr->zbuffer_size != size) + { + png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list); + png_ptr->zbuffer_size = (uInt)size; } + } # endif } @@ -1589,7 +1605,7 @@ png_set_invalid(png_const_structrp png_ptr, png_inforp info_ptr, int mask) { if (png_ptr != NULL && info_ptr != NULL) - info_ptr->valid &= ~mask; + info_ptr->valid &= (unsigned int)(~mask); } @@ -1672,4 +1688,92 @@ png_ptr->num_palette_max = -1; } #endif + +#if defined(PNG_TEXT_SUPPORTED) || defined(PNG_pCAL_SUPPORTED) || \ + defined(PNG_iCCP_SUPPORTED) || defined(PNG_sPLT_SUPPORTED) +/* Check that the tEXt or zTXt keyword is valid per PNG 1.0 specification, + * and if invalid, correct the keyword rather than discarding the entire + * chunk. The PNG 1.0 specification requires keywords 1-79 characters in + * length, forbids leading or trailing whitespace, multiple internal spaces, + * and the non-break space (0x80) from ISO 8859-1. Returns keyword length. + * + * The 'new_key' buffer must be 80 characters in size (for the keyword plus a + * trailing '\0'). If this routine returns 0 then there was no keyword, or a + * valid one could not be generated, and the caller must png_error. + */ +png_uint_32 /* PRIVATE */ +png_check_keyword(png_structrp png_ptr, png_const_charp key, png_bytep new_key) +{ +#ifdef PNG_WARNINGS_SUPPORTED + png_const_charp orig_key = key; +#endif + png_uint_32 key_len = 0; + int bad_character = 0; + int space = 1; + + png_debug(1, "in png_check_keyword"); + + if (key == NULL) + { + *new_key = 0; + return 0; + } + + while (*key && key_len < 79) + { + png_byte ch = (png_byte)*key++; + + if ((ch > 32 && ch <= 126) || (ch >= 161 /*&& ch <= 255*/)) + *new_key++ = ch, ++key_len, space = 0; + + else if (space == 0) + { + /* A space or an invalid character when one wasn't seen immediately + * before; output just a space. + */ + *new_key++ = 32, ++key_len, space = 1; + + /* If the character was not a space then it is invalid. */ + if (ch != 32) + bad_character = ch; + } + + else if (bad_character == 0) + bad_character = ch; /* just skip it, record the first error */ + } + + if (key_len > 0 && space != 0) /* trailing space */ + { + --key_len, --new_key; + if (bad_character == 0) + bad_character = 32; + } + + /* Terminate the keyword */ + *new_key = 0; + + if (key_len == 0) + return 0; + +#ifdef PNG_WARNINGS_SUPPORTED + /* Try to only output one warning per keyword: */ + if (*key != 0) /* keyword too long */ + png_warning(png_ptr, "keyword truncated"); + + else if (bad_character != 0) + { + PNG_WARNING_PARAMETERS(p) + + png_warning_parameter(p, 1, orig_key); + png_warning_parameter_signed(p, 2, PNG_NUMBER_FORMAT_02x, bad_character); + + png_formatted_warning(png_ptr, p, "keyword \"@1\": bad character '0x@2'"); + } +#else /* !WARNINGS */ + PNG_UNUSED(png_ptr) +#endif /* !WARNINGS */ + + return key_len; +} +#endif /* TEXT || pCAL || iCCP || sPLT */ #endif /* READ || WRITE */
--- a/src/share/native/sun/awt/libpng/pngstruct.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngstruct.h Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.18 [July 23, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.28 [January 5, 2017] + * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -277,7 +277,7 @@ png_byte filter; /* file filter type (always 0) */ png_byte interlaced; /* PNG_INTERLACE_NONE, PNG_INTERLACE_ADAM7 */ png_byte pass; /* current interlace pass (0 - 6) */ - png_byte do_filter; /* row filter flags (see PNG_FILTER_ below ) */ + png_byte do_filter; /* row filter flags (see PNG_FILTER_ in png.h ) */ png_byte color_type; /* color type of file */ png_byte bit_depth; /* bit depth of file */ png_byte usr_bit_depth; /* bit depth of users row: write only */ @@ -291,7 +291,7 @@ /* pixel depth used for the row buffers */ png_byte transformed_pixel_depth; /* pixel depth after read/write transforms */ -#if PNG_ZLIB_VERNUM >= 0x1240 +#if ZLIB_VERNUM >= 0x1240 png_byte zstream_start; /* at start of an input zlib stream */ #endif /* Zlib >= 1.2.4 */ #if defined(PNG_READ_FILLER_SUPPORTED) || defined(PNG_WRITE_FILLER_SUPPORTED) @@ -381,7 +381,7 @@ /* Options */ #ifdef PNG_SET_OPTION_SUPPORTED - png_byte options; /* On/off state (up to 4 options) */ + png_uint_32 options; /* On/off state (up to 16 options) */ #endif #if PNG_LIBPNG_VER < 10700
--- a/src/share/native/sun/awt/libpng/pngtest.c Tue Jul 11 03:45:17 2017 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,2101 +0,0 @@ -/* - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* pngtest.c - a simple test program to test libpng - * - * This file is available under and governed by the GNU General Public - * License version 2 only, as published by the Free Software Foundation. - * However, the following notice accompanied the original version of this - * file and, per its terms, should not be removed: - * - * Last changed in libpng 1.5.25 [December 3, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) - * - * This code is released under the libpng license. - * For conditions of distribution and use, see the disclaimer - * and license in png.h - * - * This program reads in a PNG image, writes it out again, and then - * compares the two files. If the files are identical, this shows that - * the basic chunk handling, filtering, and (de)compression code is working - * properly. It does not currently test all of the transforms, although - * it probably should. - * - * The program will report "FAIL" in certain legitimate cases: - * 1) when the compression level or filter selection method is changed. - * 2) when the maximum IDAT size (PNG_ZBUF_SIZE in pngconf.h) is not 8192. - * 3) unknown unsafe-to-copy ancillary chunks or unknown critical chunks - * exist in the input file. - * 4) others not listed here... - * In these cases, it is best to check with another tool such as "pngcheck" - * to see what the differences between the two files are. - * - * If a filename is given on the command-line, then this file is used - * for the input, rather than the default "pngtest.png". This allows - * testing a wide variety of files easily. You can also test a number - * of files at once by typing "pngtest -m file1.png file2.png ..." - */ - -#define _POSIX_SOURCE 1 - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -/* Defined so I can write to a file on gui/windowing platforms */ -/* #define STDERR stderr */ -#define STDERR stdout /* For DOS */ - -#include "png.h" - -/* Known chunks that exist in pngtest.png must be supported or pngtest will fail - * simply as a result of re-ordering them. This may be fixed in 1.7 - * - * pngtest allocates a single row buffer for each row and overwrites it, - * therefore if the write side doesn't support the writing of interlaced images - * nothing can be done for an interlaced image (and the code below will fail - * horribly trying to write extra data after writing garbage). - */ -#if defined PNG_READ_SUPPORTED && /* else nothing can be done */\ - defined PNG_READ_bKGD_SUPPORTED &&\ - defined PNG_READ_cHRM_SUPPORTED &&\ - defined PNG_READ_gAMA_SUPPORTED &&\ - defined PNG_READ_oFFs_SUPPORTED &&\ - defined PNG_READ_pCAL_SUPPORTED &&\ - defined PNG_READ_pHYs_SUPPORTED &&\ - defined PNG_READ_sBIT_SUPPORTED &&\ - defined PNG_READ_sCAL_SUPPORTED &&\ - defined PNG_READ_sRGB_SUPPORTED &&\ - defined PNG_READ_sPLT_SUPPORTED &&\ - defined PNG_READ_tEXt_SUPPORTED &&\ - defined PNG_READ_tIME_SUPPORTED &&\ - defined PNG_READ_zTXt_SUPPORTED &&\ - (defined PNG_WRITE_INTERLACING_SUPPORTED || PNG_LIBPNG_VER >= 10700) - -#ifdef PNG_ZLIB_HEADER -# include PNG_ZLIB_HEADER /* defined by pnglibconf.h from 1.7 */ -#else -# include "zlib.h" -#endif - -/* Copied from pngpriv.h but only used in error messages below. */ -#ifndef PNG_ZBUF_SIZE -# define PNG_ZBUF_SIZE 8192 -#endif -#define FCLOSE(file) fclose(file) - -#ifndef PNG_STDIO_SUPPORTED -typedef FILE * png_FILE_p; -#endif - -/* Makes pngtest verbose so we can find problems. */ -#ifndef PNG_DEBUG -# define PNG_DEBUG 0 -#endif - -#if PNG_DEBUG > 1 -# define pngtest_debug(m) ((void)fprintf(stderr, m "\n")) -# define pngtest_debug1(m,p1) ((void)fprintf(stderr, m "\n", p1)) -# define pngtest_debug2(m,p1,p2) ((void)fprintf(stderr, m "\n", p1, p2)) -#else -# define pngtest_debug(m) ((void)0) -# define pngtest_debug1(m,p1) ((void)0) -# define pngtest_debug2(m,p1,p2) ((void)0) -#endif - -#if !PNG_DEBUG -# define SINGLE_ROWBUF_ALLOC /* Makes buffer overruns easier to nail */ -#endif - -#ifndef PNG_UNUSED -# define PNG_UNUSED(param) (void)param; -#endif - -/* Turn on CPU timing -#define PNGTEST_TIMING -*/ - -#ifndef PNG_FLOATING_POINT_SUPPORTED -#undef PNGTEST_TIMING -#endif - -#ifdef PNGTEST_TIMING -static float t_start, t_stop, t_decode, t_encode, t_misc; -#include <time.h> -#endif - -#ifdef PNG_TIME_RFC1123_SUPPORTED -#define PNG_tIME_STRING_LENGTH 29 -static int tIME_chunk_present = 0; -static char tIME_string[PNG_tIME_STRING_LENGTH] = "tIME chunk is not present"; - -#if PNG_LIBPNG_VER < 10619 -#define png_convert_to_rfc1123_buffer(ts, t) tIME_to_str(read_ptr, ts, t) - -static int -tIME_to_str(png_structp png_ptr, png_charp ts, png_const_timep t) -{ - png_const_charp str = png_convert_to_rfc1123(png_ptr, t); - - if (str == NULL) - return 0; - - strcpy(ts, str); - return 1; -} -#endif /* older libpng */ -#endif - -static int verbose = 0; -static int strict = 0; -static int relaxed = 0; -static int unsupported_chunks = 0; /* chunk unsupported by libpng in input */ -static int error_count = 0; /* count calls to png_error */ -static int warning_count = 0; /* count calls to png_warning */ - -/* Define png_jmpbuf() in case we are using a pre-1.0.6 version of libpng */ -#ifndef png_jmpbuf -# define png_jmpbuf(png_ptr) png_ptr->jmpbuf -#endif - -/* Defines for unknown chunk handling if required. */ -#ifndef PNG_HANDLE_CHUNK_ALWAYS -# define PNG_HANDLE_CHUNK_ALWAYS 3 -#endif -#ifndef PNG_HANDLE_CHUNK_IF_SAFE -# define PNG_HANDLE_CHUNK_IF_SAFE 2 -#endif - -/* Utility to save typing/errors, the argument must be a name */ -#define MEMZERO(var) ((void)memset(&var, 0, sizeof var)) - -/* Example of using row callbacks to make a simple progress meter */ -static int status_pass = 1; -static int status_dots_requested = 0; -static int status_dots = 1; - -static void PNGCBAPI -read_row_callback(png_structp png_ptr, png_uint_32 row_number, int pass) -{ - if (png_ptr == NULL || row_number > PNG_UINT_31_MAX) - return; - - if (status_pass != pass) - { - fprintf(stdout, "\n Pass %d: ", pass); - status_pass = pass; - status_dots = 31; - } - - status_dots--; - - if (status_dots == 0) - { - fprintf(stdout, "\n "); - status_dots=30; - } - - fprintf(stdout, "r"); -} - -#ifdef PNG_WRITE_SUPPORTED -static void PNGCBAPI -write_row_callback(png_structp png_ptr, png_uint_32 row_number, int pass) -{ - if (png_ptr == NULL || row_number > PNG_UINT_31_MAX || pass > 7) - return; - - fprintf(stdout, "w"); -} -#endif - - -#ifdef PNG_READ_USER_TRANSFORM_SUPPORTED -/* Example of using a user transform callback (doesn't do anything at present). - */ -static void PNGCBAPI -read_user_callback(png_structp png_ptr, png_row_infop row_info, png_bytep data) -{ - PNG_UNUSED(png_ptr) - PNG_UNUSED(row_info) - PNG_UNUSED(data) -} -#endif - -#ifdef PNG_WRITE_USER_TRANSFORM_SUPPORTED -/* Example of using user transform callback (we don't transform anything, - * but merely count the zero samples) - */ - -static png_uint_32 zero_samples; - -static void PNGCBAPI -count_zero_samples(png_structp png_ptr, png_row_infop row_info, png_bytep data) -{ - png_bytep dp = data; - if (png_ptr == NULL) - return; - - /* Contents of row_info: - * png_uint_32 width width of row - * png_uint_32 rowbytes number of bytes in row - * png_byte color_type color type of pixels - * png_byte bit_depth bit depth of samples - * png_byte channels number of channels (1-4) - * png_byte pixel_depth bits per pixel (depth*channels) - */ - - /* Counts the number of zero samples (or zero pixels if color_type is 3 */ - - if (row_info->color_type == 0 || row_info->color_type == 3) - { - int pos = 0; - png_uint_32 n, nstop; - - for (n = 0, nstop=row_info->width; n<nstop; n++) - { - if (row_info->bit_depth == 1) - { - if (((*dp << pos++ ) & 0x80) == 0) - zero_samples++; - - if (pos == 8) - { - pos = 0; - dp++; - } - } - - if (row_info->bit_depth == 2) - { - if (((*dp << (pos+=2)) & 0xc0) == 0) - zero_samples++; - - if (pos == 8) - { - pos = 0; - dp++; - } - } - - if (row_info->bit_depth == 4) - { - if (((*dp << (pos+=4)) & 0xf0) == 0) - zero_samples++; - - if (pos == 8) - { - pos = 0; - dp++; - } - } - - if (row_info->bit_depth == 8) - if (*dp++ == 0) - zero_samples++; - - if (row_info->bit_depth == 16) - { - if ((*dp | *(dp+1)) == 0) - zero_samples++; - dp+=2; - } - } - } - else /* Other color types */ - { - png_uint_32 n, nstop; - int channel; - int color_channels = row_info->channels; - if (row_info->color_type > 3) - color_channels--; - - for (n = 0, nstop=row_info->width; n<nstop; n++) - { - for (channel = 0; channel < color_channels; channel++) - { - if (row_info->bit_depth == 8) - if (*dp++ == 0) - zero_samples++; - - if (row_info->bit_depth == 16) - { - if ((*dp | *(dp+1)) == 0) - zero_samples++; - - dp+=2; - } - } - if (row_info->color_type > 3) - { - dp++; - if (row_info->bit_depth == 16) - dp++; - } - } - } -} -#endif /* WRITE_USER_TRANSFORM */ - -#ifndef PNG_STDIO_SUPPORTED -/* START of code to validate stdio-free compilation */ -/* These copies of the default read/write functions come from pngrio.c and - * pngwio.c. They allow "don't include stdio" testing of the library. - * This is the function that does the actual reading of data. If you are - * not reading from a standard C stream, you should create a replacement - * read_data function and use it at run time with png_set_read_fn(), rather - * than changing the library. - */ - -#ifdef PNG_IO_STATE_SUPPORTED -void -pngtest_check_io_state(png_structp png_ptr, png_size_t data_length, - png_uint_32 io_op); -void -pngtest_check_io_state(png_structp png_ptr, png_size_t data_length, - png_uint_32 io_op) -{ - png_uint_32 io_state = png_get_io_state(png_ptr); - int err = 0; - - /* Check if the current operation (reading / writing) is as expected. */ - if ((io_state & PNG_IO_MASK_OP) != io_op) - png_error(png_ptr, "Incorrect operation in I/O state"); - - /* Check if the buffer size specific to the current location - * (file signature / header / data / crc) is as expected. - */ - switch (io_state & PNG_IO_MASK_LOC) - { - case PNG_IO_SIGNATURE: - if (data_length > 8) - err = 1; - break; - case PNG_IO_CHUNK_HDR: - if (data_length != 8) - err = 1; - break; - case PNG_IO_CHUNK_DATA: - break; /* no restrictions here */ - case PNG_IO_CHUNK_CRC: - if (data_length != 4) - err = 1; - break; - default: - err = 1; /* uninitialized */ - } - if (err != 0) - png_error(png_ptr, "Bad I/O state or buffer size"); -} -#endif - -static void PNGCBAPI -pngtest_read_data(png_structp png_ptr, png_bytep data, png_size_t length) -{ - png_size_t check = 0; - png_voidp io_ptr; - - /* fread() returns 0 on error, so it is OK to store this in a png_size_t - * instead of an int, which is what fread() actually returns. - */ - io_ptr = png_get_io_ptr(png_ptr); - if (io_ptr != NULL) - { - check = fread(data, 1, length, (png_FILE_p)io_ptr); - } - - if (check != length) - { - png_error(png_ptr, "Read Error"); - } - -#ifdef PNG_IO_STATE_SUPPORTED - pngtest_check_io_state(png_ptr, length, PNG_IO_READING); -#endif -} - -#ifdef PNG_WRITE_FLUSH_SUPPORTED -static void PNGCBAPI -pngtest_flush(png_structp png_ptr) -{ - /* Do nothing; fflush() is said to be just a waste of energy. */ - PNG_UNUSED(png_ptr) /* Stifle compiler warning */ -} -#endif - -/* This is the function that does the actual writing of data. If you are - * not writing to a standard C stream, you should create a replacement - * write_data function and use it at run time with png_set_write_fn(), rather - * than changing the library. - */ -static void PNGCBAPI -pngtest_write_data(png_structp png_ptr, png_bytep data, png_size_t length) -{ - png_size_t check; - - check = fwrite(data, 1, length, (png_FILE_p)png_get_io_ptr(png_ptr)); - - if (check != length) - { - png_error(png_ptr, "Write Error"); - } - -#ifdef PNG_IO_STATE_SUPPORTED - pngtest_check_io_state(png_ptr, length, PNG_IO_WRITING); -#endif -} -#endif /* !STDIO */ - -/* This function is called when there is a warning, but the library thinks - * it can continue anyway. Replacement functions don't have to do anything - * here if you don't want to. In the default configuration, png_ptr is - * not used, but it is passed in case it may be useful. - */ -typedef struct -{ - PNG_CONST char *file_name; -} pngtest_error_parameters; - -static void PNGCBAPI -pngtest_warning(png_structp png_ptr, png_const_charp message) -{ - PNG_CONST char *name = "UNKNOWN (ERROR!)"; - pngtest_error_parameters *test = - (pngtest_error_parameters*)png_get_error_ptr(png_ptr); - - ++warning_count; - - if (test != NULL && test->file_name != NULL) - name = test->file_name; - - fprintf(STDERR, "%s: libpng warning: %s\n", name, message); -} - -/* This is the default error handling function. Note that replacements for - * this function MUST NOT RETURN, or the program will likely crash. This - * function is used by default, or if the program supplies NULL for the - * error function pointer in png_set_error_fn(). - */ -static void PNGCBAPI -pngtest_error(png_structp png_ptr, png_const_charp message) -{ - ++error_count; - - pngtest_warning(png_ptr, message); - /* We can return because png_error calls the default handler, which is - * actually OK in this case. - */ -} - -/* END of code to validate stdio-free compilation */ - -/* START of code to validate memory allocation and deallocation */ -#if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG - -/* Allocate memory. For reasonable files, size should never exceed - * 64K. However, zlib may allocate more than 64K if you don't tell - * it not to. See zconf.h and png.h for more information. zlib does - * need to allocate exactly 64K, so whatever you call here must - * have the ability to do that. - * - * This piece of code can be compiled to validate max 64K allocations - * by setting MAXSEG_64K in zlib zconf.h *or* PNG_MAX_MALLOC_64K. - */ -typedef struct memory_information -{ - png_alloc_size_t size; - png_voidp pointer; - struct memory_information *next; -} memory_information; -typedef memory_information *memory_infop; - -static memory_infop pinformation = NULL; -static int current_allocation = 0; -static int maximum_allocation = 0; -static int total_allocation = 0; -static int num_allocations = 0; - -png_voidp PNGCBAPI png_debug_malloc PNGARG((png_structp png_ptr, - png_alloc_size_t size)); -void PNGCBAPI png_debug_free PNGARG((png_structp png_ptr, png_voidp ptr)); - -png_voidp -PNGCBAPI png_debug_malloc(png_structp png_ptr, png_alloc_size_t size) -{ - - /* png_malloc has already tested for NULL; png_create_struct calls - * png_debug_malloc directly, with png_ptr == NULL which is OK - */ - - if (size == 0) - return (NULL); - - /* This calls the library allocator twice, once to get the requested - buffer and once to get a new free list entry. */ - { - /* Disable malloc_fn and free_fn */ - memory_infop pinfo; - png_set_mem_fn(png_ptr, NULL, NULL, NULL); - pinfo = (memory_infop)png_malloc(png_ptr, - (sizeof *pinfo)); - pinfo->size = size; - current_allocation += size; - total_allocation += size; - num_allocations ++; - - if (current_allocation > maximum_allocation) - maximum_allocation = current_allocation; - - pinfo->pointer = png_malloc(png_ptr, size); - /* Restore malloc_fn and free_fn */ - - png_set_mem_fn(png_ptr, - NULL, png_debug_malloc, png_debug_free); - - if (size != 0 && pinfo->pointer == NULL) - { - current_allocation -= size; - total_allocation -= size; - png_error(png_ptr, - "out of memory in pngtest->png_debug_malloc"); - } - - pinfo->next = pinformation; - pinformation = pinfo; - /* Make sure the caller isn't assuming zeroed memory. */ - memset(pinfo->pointer, 0xdd, pinfo->size); - - if (verbose != 0) - printf("png_malloc %lu bytes at %p\n", (unsigned long)size, - pinfo->pointer); - - return (png_voidp)(pinfo->pointer); - } -} - -/* Free a pointer. It is removed from the list at the same time. */ -void PNGCBAPI -png_debug_free(png_structp png_ptr, png_voidp ptr) -{ - if (png_ptr == NULL) - fprintf(STDERR, "NULL pointer to png_debug_free.\n"); - - if (ptr == 0) - { -#if 0 /* This happens all the time. */ - fprintf(STDERR, "WARNING: freeing NULL pointer\n"); -#endif - return; - } - - /* Unlink the element from the list. */ - if (pinformation != NULL) - { - memory_infop *ppinfo = &pinformation; - - for (;;) - { - memory_infop pinfo = *ppinfo; - - if (pinfo->pointer == ptr) - { - *ppinfo = pinfo->next; - current_allocation -= pinfo->size; - if (current_allocation < 0) - fprintf(STDERR, "Duplicate free of memory\n"); - /* We must free the list element too, but first kill - the memory that is to be freed. */ - memset(ptr, 0x55, pinfo->size); - free(pinfo); - pinfo = NULL; - break; - } - - if (pinfo->next == NULL) - { - fprintf(STDERR, "Pointer %p not found\n", ptr); - break; - } - - ppinfo = &pinfo->next; - } - } - - /* Finally free the data. */ - if (verbose != 0) - printf("Freeing %p\n", ptr); - - if (ptr != NULL) - free(ptr); - ptr = NULL; -} -#endif /* USER_MEM && DEBUG */ -/* END of code to test memory allocation/deallocation */ - - -#ifdef PNG_READ_USER_CHUNKS_SUPPORTED -/* Demonstration of user chunk support of the sTER and vpAg chunks */ - -/* (sTER is a public chunk not yet known by libpng. vpAg is a private -chunk used in ImageMagick to store "virtual page" size). */ - -static struct user_chunk_data -{ - png_const_infop info_ptr; - png_uint_32 vpAg_width, vpAg_height; - png_byte vpAg_units; - png_byte sTER_mode; - int location[2]; -} -user_chunk_data; - -/* Used for location and order; zero means nothing. */ -#define have_sTER 0x01 -#define have_vpAg 0x02 -#define before_PLTE 0x10 -#define before_IDAT 0x20 -#define after_IDAT 0x40 - -static void -init_callback_info(png_const_infop info_ptr) -{ - MEMZERO(user_chunk_data); - user_chunk_data.info_ptr = info_ptr; -} - -static int -set_location(png_structp png_ptr, struct user_chunk_data *data, int what) -{ - int location; - - if ((data->location[0] & what) != 0 || (data->location[1] & what) != 0) - return 0; /* already have one of these */ - - /* Find where we are (the code below zeroes info_ptr to indicate that the - * chunks before the first IDAT have been read.) - */ - if (data->info_ptr == NULL) /* after IDAT */ - location = what | after_IDAT; - - else if (png_get_valid(png_ptr, data->info_ptr, PNG_INFO_PLTE) != 0) - location = what | before_IDAT; - - else - location = what | before_PLTE; - - if (data->location[0] == 0) - data->location[0] = location; - - else - data->location[1] = location; - - return 1; /* handled */ -} - -static int PNGCBAPI -read_user_chunk_callback(png_struct *png_ptr, png_unknown_chunkp chunk) -{ - struct user_chunk_data *my_user_chunk_data = - (struct user_chunk_data*)png_get_user_chunk_ptr(png_ptr); - - if (my_user_chunk_data == NULL) - png_error(png_ptr, "lost user chunk pointer"); - - /* Return one of the following: - * return (-n); chunk had an error - * return (0); did not recognize - * return (n); success - * - * The unknown chunk structure contains the chunk data: - * png_byte name[5]; - * png_byte *data; - * png_size_t size; - * - * Note that libpng has already taken care of the CRC handling. - */ - - if (chunk->name[0] == 115 && chunk->name[1] == 84 && /* s T */ - chunk->name[2] == 69 && chunk->name[3] == 82) /* E R */ - { - /* Found sTER chunk */ - if (chunk->size != 1) - return (-1); /* Error return */ - - if (chunk->data[0] != 0 && chunk->data[0] != 1) - return (-1); /* Invalid mode */ - - if (set_location(png_ptr, my_user_chunk_data, have_sTER) != 0) - { - my_user_chunk_data->sTER_mode=chunk->data[0]; - return (1); - } - - else - return (0); /* duplicate sTER - give it to libpng */ - } - - if (chunk->name[0] != 118 || chunk->name[1] != 112 || /* v p */ - chunk->name[2] != 65 || chunk->name[3] != 103) /* A g */ - return (0); /* Did not recognize */ - - /* Found ImageMagick vpAg chunk */ - - if (chunk->size != 9) - return (-1); /* Error return */ - - if (set_location(png_ptr, my_user_chunk_data, have_vpAg) == 0) - return (0); /* duplicate vpAg */ - - my_user_chunk_data->vpAg_width = png_get_uint_31(png_ptr, chunk->data); - my_user_chunk_data->vpAg_height = png_get_uint_31(png_ptr, chunk->data + 4); - my_user_chunk_data->vpAg_units = chunk->data[8]; - - return (1); -} - -#ifdef PNG_WRITE_SUPPORTED -static void -write_sTER_chunk(png_structp write_ptr) -{ - png_byte sTER[5] = {115, 84, 69, 82, '\0'}; - - if (verbose != 0) - fprintf(STDERR, "\n stereo mode = %d\n", user_chunk_data.sTER_mode); - - png_write_chunk(write_ptr, sTER, &user_chunk_data.sTER_mode, 1); -} - -static void -write_vpAg_chunk(png_structp write_ptr) -{ - png_byte vpAg[5] = {118, 112, 65, 103, '\0'}; - - png_byte vpag_chunk_data[9]; - - if (verbose != 0) - fprintf(STDERR, " vpAg = %lu x %lu, units = %d\n", - (unsigned long)user_chunk_data.vpAg_width, - (unsigned long)user_chunk_data.vpAg_height, - user_chunk_data.vpAg_units); - - png_save_uint_32(vpag_chunk_data, user_chunk_data.vpAg_width); - png_save_uint_32(vpag_chunk_data + 4, user_chunk_data.vpAg_height); - vpag_chunk_data[8] = user_chunk_data.vpAg_units; - png_write_chunk(write_ptr, vpAg, vpag_chunk_data, 9); -} - -static void -write_chunks(png_structp write_ptr, int location) -{ - int i; - - /* Notice that this preserves the original chunk order, however chunks - * intercepted by the callback will be written *after* chunks passed to - * libpng. This will actually reverse a pair of sTER chunks or a pair of - * vpAg chunks, resulting in an error later. This is not worth worrying - * about - the chunks should not be duplicated! - */ - for (i=0; i<2; ++i) - { - if (user_chunk_data.location[i] == (location | have_sTER)) - write_sTER_chunk(write_ptr); - - else if (user_chunk_data.location[i] == (location | have_vpAg)) - write_vpAg_chunk(write_ptr); - } -} -#endif /* WRITE */ -#else /* !READ_USER_CHUNKS */ -# define write_chunks(pp,loc) ((void)0) -#endif -/* END of code to demonstrate user chunk support */ - -/* START of code to check that libpng has the required text support; this only - * checks for the write support because if read support is missing the chunk - * will simply not be reported back to pngtest. - */ -#ifdef PNG_TEXT_SUPPORTED -static void -pngtest_check_text_support(png_structp png_ptr, png_textp text_ptr, - int num_text) -{ - while (num_text > 0) - { - switch (text_ptr[--num_text].compression) - { - case PNG_TEXT_COMPRESSION_NONE: - break; - - case PNG_TEXT_COMPRESSION_zTXt: -# ifndef PNG_WRITE_zTXt_SUPPORTED - ++unsupported_chunks; - /* In libpng 1.7 this now does an app-error, so stop it: */ - text_ptr[num_text].compression = PNG_TEXT_COMPRESSION_NONE; -# endif - break; - - case PNG_ITXT_COMPRESSION_NONE: - case PNG_ITXT_COMPRESSION_zTXt: -# ifndef PNG_WRITE_iTXt_SUPPORTED - ++unsupported_chunks; - text_ptr[num_text].compression = PNG_TEXT_COMPRESSION_NONE; -# endif - break; - - default: - /* This is an error */ - png_error(png_ptr, "invalid text chunk compression field"); - break; - } - } -} -#endif -/* END of code to check that libpng has the required text support */ - -/* Test one file */ -static int -test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) -{ - static png_FILE_p fpin; - static png_FILE_p fpout; /* "static" prevents setjmp corruption */ - pngtest_error_parameters error_parameters; - png_structp read_ptr; - png_infop read_info_ptr, end_info_ptr; -#ifdef PNG_WRITE_SUPPORTED - png_structp write_ptr; - png_infop write_info_ptr; - png_infop write_end_info_ptr; -#ifdef PNG_WRITE_FILTER_SUPPORTED - int interlace_preserved = 1; -#endif /* WRITE_FILTER */ -#else /* !WRITE */ - png_structp write_ptr = NULL; - png_infop write_info_ptr = NULL; - png_infop write_end_info_ptr = NULL; -#endif /* !WRITE */ - png_bytep row_buf; - png_uint_32 y; - png_uint_32 width, height; - volatile int num_passes; - int pass; - int bit_depth, color_type; - - row_buf = NULL; - error_parameters.file_name = inname; - - if ((fpin = fopen(inname, "rb")) == NULL) - { - fprintf(STDERR, "Could not find input file %s\n", inname); - return (1); - } - - if ((fpout = fopen(outname, "wb")) == NULL) - { - fprintf(STDERR, "Could not open output file %s\n", outname); - FCLOSE(fpin); - return (1); - } - - pngtest_debug("Allocating read and write structures"); -#if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG - read_ptr = - png_create_read_struct_2(PNG_LIBPNG_VER_STRING, NULL, - NULL, NULL, NULL, png_debug_malloc, png_debug_free); -#else - read_ptr = - png_create_read_struct(PNG_LIBPNG_VER_STRING, NULL, NULL, NULL); -#endif - png_set_error_fn(read_ptr, &error_parameters, pngtest_error, - pngtest_warning); - -#ifdef PNG_WRITE_SUPPORTED -#if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG - write_ptr = - png_create_write_struct_2(PNG_LIBPNG_VER_STRING, NULL, - NULL, NULL, NULL, png_debug_malloc, png_debug_free); -#else - write_ptr = - png_create_write_struct(PNG_LIBPNG_VER_STRING, NULL, NULL, NULL); -#endif - png_set_error_fn(write_ptr, &error_parameters, pngtest_error, - pngtest_warning); -#endif - pngtest_debug("Allocating read_info, write_info and end_info structures"); - read_info_ptr = png_create_info_struct(read_ptr); - end_info_ptr = png_create_info_struct(read_ptr); -#ifdef PNG_WRITE_SUPPORTED - write_info_ptr = png_create_info_struct(write_ptr); - write_end_info_ptr = png_create_info_struct(write_ptr); -#endif - -#ifdef PNG_READ_USER_CHUNKS_SUPPORTED - init_callback_info(read_info_ptr); - png_set_read_user_chunk_fn(read_ptr, &user_chunk_data, - read_user_chunk_callback); -#endif - -#ifdef PNG_SETJMP_SUPPORTED - pngtest_debug("Setting jmpbuf for read struct"); - if (setjmp(png_jmpbuf(read_ptr))) - { - fprintf(STDERR, "%s -> %s: libpng read error\n", inname, outname); - png_free(read_ptr, row_buf); - row_buf = NULL; - png_destroy_read_struct(&read_ptr, &read_info_ptr, &end_info_ptr); -#ifdef PNG_WRITE_SUPPORTED - png_destroy_info_struct(write_ptr, &write_end_info_ptr); - png_destroy_write_struct(&write_ptr, &write_info_ptr); -#endif - FCLOSE(fpin); - FCLOSE(fpout); - return (1); - } - -#ifdef PNG_WRITE_SUPPORTED - pngtest_debug("Setting jmpbuf for write struct"); - - if (setjmp(png_jmpbuf(write_ptr))) - { - fprintf(STDERR, "%s -> %s: libpng write error\n", inname, outname); - png_destroy_read_struct(&read_ptr, &read_info_ptr, &end_info_ptr); - png_destroy_info_struct(write_ptr, &write_end_info_ptr); -#ifdef PNG_WRITE_SUPPORTED - png_destroy_write_struct(&write_ptr, &write_info_ptr); -#endif - FCLOSE(fpin); - FCLOSE(fpout); - return (1); - } -#endif -#endif - - if (strict != 0) - { - /* Treat png_benign_error() as errors on read */ - png_set_benign_errors(read_ptr, 0); - -#ifdef PNG_WRITE_SUPPORTED - /* Treat them as errors on write */ - png_set_benign_errors(write_ptr, 0); -#endif - - /* if strict is not set, then app warnings and errors are treated as - * warnings in release builds, but not in unstable builds; this can be - * changed with '--relaxed'. - */ - } - - else if (relaxed != 0) - { - /* Allow application (pngtest) errors and warnings to pass */ - png_set_benign_errors(read_ptr, 1); - -#ifdef PNG_WRITE_SUPPORTED - png_set_benign_errors(write_ptr, 1); -#endif - } - - pngtest_debug("Initializing input and output streams"); -#ifdef PNG_STDIO_SUPPORTED - png_init_io(read_ptr, fpin); -# ifdef PNG_WRITE_SUPPORTED - png_init_io(write_ptr, fpout); -# endif -#else - png_set_read_fn(read_ptr, (png_voidp)fpin, pngtest_read_data); -# ifdef PNG_WRITE_SUPPORTED - png_set_write_fn(write_ptr, (png_voidp)fpout, pngtest_write_data, -# ifdef PNG_WRITE_FLUSH_SUPPORTED - pngtest_flush); -# else - NULL); -# endif -# endif -#endif - - if (status_dots_requested == 1) - { -#ifdef PNG_WRITE_SUPPORTED - png_set_write_status_fn(write_ptr, write_row_callback); -#endif - png_set_read_status_fn(read_ptr, read_row_callback); - } - - else - { -#ifdef PNG_WRITE_SUPPORTED - png_set_write_status_fn(write_ptr, NULL); -#endif - png_set_read_status_fn(read_ptr, NULL); - } - -#ifdef PNG_READ_USER_TRANSFORM_SUPPORTED - png_set_read_user_transform_fn(read_ptr, read_user_callback); -#endif -#ifdef PNG_WRITE_USER_TRANSFORM_SUPPORTED - zero_samples = 0; - png_set_write_user_transform_fn(write_ptr, count_zero_samples); -#endif - -#ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED - /* Preserve all the unknown chunks, if possible. If this is disabled then, - * even if the png_{get,set}_unknown_chunks stuff is enabled, we can't use - * libpng to *save* the unknown chunks on read (because we can't switch the - * save option on!) - * - * Notice that if SET_UNKNOWN_CHUNKS is *not* supported read will discard all - * unknown chunks and write will write them all. - */ -#ifdef PNG_SAVE_UNKNOWN_CHUNKS_SUPPORTED - png_set_keep_unknown_chunks(read_ptr, PNG_HANDLE_CHUNK_ALWAYS, - NULL, 0); -#endif -#ifdef PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED - png_set_keep_unknown_chunks(write_ptr, PNG_HANDLE_CHUNK_ALWAYS, - NULL, 0); -#endif -#endif - - pngtest_debug("Reading info struct"); - png_read_info(read_ptr, read_info_ptr); - -#ifdef PNG_READ_USER_CHUNKS_SUPPORTED - /* This is a bit of a hack; there is no obvious way in the callback function - * to determine that the chunks before the first IDAT have been read, so - * remove the info_ptr (which is only used to determine position relative to - * PLTE) here to indicate that we are after the IDAT. - */ - user_chunk_data.info_ptr = NULL; -#endif - - pngtest_debug("Transferring info struct"); - { - int interlace_type, compression_type, filter_type; - - if (png_get_IHDR(read_ptr, read_info_ptr, &width, &height, &bit_depth, - &color_type, &interlace_type, &compression_type, &filter_type) != 0) - { - png_set_IHDR(write_ptr, write_info_ptr, width, height, bit_depth, - color_type, interlace_type, compression_type, filter_type); - /* num_passes may not be available below if interlace support is not - * provided by libpng for both read and write. - */ - switch (interlace_type) - { - case PNG_INTERLACE_NONE: - num_passes = 1; - break; - - case PNG_INTERLACE_ADAM7: - num_passes = 7; - break; - - default: - png_error(read_ptr, "invalid interlace type"); - /*NOT REACHED*/ - } - } - - else - png_error(read_ptr, "png_get_IHDR failed"); - } -#ifdef PNG_FIXED_POINT_SUPPORTED -#ifdef PNG_cHRM_SUPPORTED - { - png_fixed_point white_x, white_y, red_x, red_y, green_x, green_y, blue_x, - blue_y; - - if (png_get_cHRM_fixed(read_ptr, read_info_ptr, &white_x, &white_y, - &red_x, &red_y, &green_x, &green_y, &blue_x, &blue_y) != 0) - { - png_set_cHRM_fixed(write_ptr, write_info_ptr, white_x, white_y, red_x, - red_y, green_x, green_y, blue_x, blue_y); - } - } -#endif -#ifdef PNG_gAMA_SUPPORTED - { - png_fixed_point gamma; - - if (png_get_gAMA_fixed(read_ptr, read_info_ptr, &gamma) != 0) - png_set_gAMA_fixed(write_ptr, write_info_ptr, gamma); - } -#endif -#else /* Use floating point versions */ -#ifdef PNG_FLOATING_POINT_SUPPORTED -#ifdef PNG_cHRM_SUPPORTED - { - double white_x, white_y, red_x, red_y, green_x, green_y, blue_x, - blue_y; - - if (png_get_cHRM(read_ptr, read_info_ptr, &white_x, &white_y, &red_x, - &red_y, &green_x, &green_y, &blue_x, &blue_y) != 0) - { - png_set_cHRM(write_ptr, write_info_ptr, white_x, white_y, red_x, - red_y, green_x, green_y, blue_x, blue_y); - } - } -#endif -#ifdef PNG_gAMA_SUPPORTED - { - double gamma; - - if (png_get_gAMA(read_ptr, read_info_ptr, &gamma) != 0) - png_set_gAMA(write_ptr, write_info_ptr, gamma); - } -#endif -#endif /* Floating point */ -#endif /* Fixed point */ -#ifdef PNG_iCCP_SUPPORTED - { - png_charp name; - png_bytep profile; - png_uint_32 proflen; - int compression_type; - - if (png_get_iCCP(read_ptr, read_info_ptr, &name, &compression_type, - &profile, &proflen) != 0) - { - png_set_iCCP(write_ptr, write_info_ptr, name, compression_type, - profile, proflen); - } - } -#endif -#ifdef PNG_sRGB_SUPPORTED - { - int intent; - - if (png_get_sRGB(read_ptr, read_info_ptr, &intent) != 0) - png_set_sRGB(write_ptr, write_info_ptr, intent); - } -#endif - { - png_colorp palette; - int num_palette; - - if (png_get_PLTE(read_ptr, read_info_ptr, &palette, &num_palette) != 0) - png_set_PLTE(write_ptr, write_info_ptr, palette, num_palette); - } -#ifdef PNG_bKGD_SUPPORTED - { - png_color_16p background; - - if (png_get_bKGD(read_ptr, read_info_ptr, &background) != 0) - { - png_set_bKGD(write_ptr, write_info_ptr, background); - } - } -#endif -#ifdef PNG_hIST_SUPPORTED - { - png_uint_16p hist; - - if (png_get_hIST(read_ptr, read_info_ptr, &hist) != 0) - png_set_hIST(write_ptr, write_info_ptr, hist); - } -#endif -#ifdef PNG_oFFs_SUPPORTED - { - png_int_32 offset_x, offset_y; - int unit_type; - - if (png_get_oFFs(read_ptr, read_info_ptr, &offset_x, &offset_y, - &unit_type) != 0) - { - png_set_oFFs(write_ptr, write_info_ptr, offset_x, offset_y, unit_type); - } - } -#endif -#ifdef PNG_pCAL_SUPPORTED - { - png_charp purpose, units; - png_charpp params; - png_int_32 X0, X1; - int type, nparams; - - if (png_get_pCAL(read_ptr, read_info_ptr, &purpose, &X0, &X1, &type, - &nparams, &units, ¶ms) != 0) - { - png_set_pCAL(write_ptr, write_info_ptr, purpose, X0, X1, type, - nparams, units, params); - } - } -#endif -#ifdef PNG_pHYs_SUPPORTED - { - png_uint_32 res_x, res_y; - int unit_type; - - if (png_get_pHYs(read_ptr, read_info_ptr, &res_x, &res_y, - &unit_type) != 0) - png_set_pHYs(write_ptr, write_info_ptr, res_x, res_y, unit_type); - } -#endif -#ifdef PNG_sBIT_SUPPORTED - { - png_color_8p sig_bit; - - if (png_get_sBIT(read_ptr, read_info_ptr, &sig_bit) != 0) - png_set_sBIT(write_ptr, write_info_ptr, sig_bit); - } -#endif -#ifdef PNG_sCAL_SUPPORTED -#if defined(PNG_FLOATING_POINT_SUPPORTED) && \ - defined(PNG_FLOATING_ARITHMETIC_SUPPORTED) - { - int unit; - double scal_width, scal_height; - - if (png_get_sCAL(read_ptr, read_info_ptr, &unit, &scal_width, - &scal_height) != 0) - { - png_set_sCAL(write_ptr, write_info_ptr, unit, scal_width, scal_height); - } - } -#else -#ifdef PNG_FIXED_POINT_SUPPORTED - { - int unit; - png_charp scal_width, scal_height; - - if (png_get_sCAL_s(read_ptr, read_info_ptr, &unit, &scal_width, - &scal_height) != 0) - { - png_set_sCAL_s(write_ptr, write_info_ptr, unit, scal_width, - scal_height); - } - } -#endif -#endif -#endif - -#ifdef PNG_sPLT_SUPPORTED - { - png_sPLT_tp entries; - - int num_entries = (int) png_get_sPLT(read_ptr, read_info_ptr, &entries); - if (num_entries) - { - png_set_sPLT(write_ptr, write_info_ptr, entries, num_entries); - } - } -#endif - -#ifdef PNG_TEXT_SUPPORTED - { - png_textp text_ptr; - int num_text; - - if (png_get_text(read_ptr, read_info_ptr, &text_ptr, &num_text) > 0) - { - pngtest_debug1("Handling %d iTXt/tEXt/zTXt chunks", num_text); - - pngtest_check_text_support(read_ptr, text_ptr, num_text); - - if (verbose != 0) - { - int i; - - printf("\n"); - for (i=0; i<num_text; i++) - { - printf(" Text compression[%d]=%d\n", - i, text_ptr[i].compression); - } - } - - png_set_text(write_ptr, write_info_ptr, text_ptr, num_text); - } - } -#endif -#ifdef PNG_tIME_SUPPORTED - { - png_timep mod_time; - - if (png_get_tIME(read_ptr, read_info_ptr, &mod_time) != 0) - { - png_set_tIME(write_ptr, write_info_ptr, mod_time); -#ifdef PNG_TIME_RFC1123_SUPPORTED - if (png_convert_to_rfc1123_buffer(tIME_string, mod_time) != 0) - tIME_string[(sizeof tIME_string) - 1] = '\0'; - - else - { - strncpy(tIME_string, "*** invalid time ***", (sizeof tIME_string)); - tIME_string[(sizeof tIME_string) - 1] = '\0'; - } - - tIME_chunk_present++; -#endif /* TIME_RFC1123 */ - } - } -#endif -#ifdef PNG_tRNS_SUPPORTED - { - png_bytep trans_alpha; - int num_trans; - png_color_16p trans_color; - - if (png_get_tRNS(read_ptr, read_info_ptr, &trans_alpha, &num_trans, - &trans_color) != 0) - { - int sample_max = (1 << bit_depth); - /* libpng doesn't reject a tRNS chunk with out-of-range samples */ - if (!((color_type == PNG_COLOR_TYPE_GRAY && - (int)trans_color->gray > sample_max) || - (color_type == PNG_COLOR_TYPE_RGB && - ((int)trans_color->red > sample_max || - (int)trans_color->green > sample_max || - (int)trans_color->blue > sample_max)))) - png_set_tRNS(write_ptr, write_info_ptr, trans_alpha, num_trans, - trans_color); - } - } -#endif -#ifdef PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED - { - png_unknown_chunkp unknowns; - int num_unknowns = png_get_unknown_chunks(read_ptr, read_info_ptr, - &unknowns); - - if (num_unknowns != 0) - { - png_set_unknown_chunks(write_ptr, write_info_ptr, unknowns, - num_unknowns); -#if PNG_LIBPNG_VER < 10600 - /* Copy the locations from the read_info_ptr. The automatically - * generated locations in write_end_info_ptr are wrong prior to 1.6.0 - * because they are reset from the write pointer (removed in 1.6.0). - */ - { - int i; - for (i = 0; i < num_unknowns; i++) - png_set_unknown_chunk_location(write_ptr, write_info_ptr, i, - unknowns[i].location); - } -#endif - } - } -#endif - -#ifdef PNG_WRITE_SUPPORTED - pngtest_debug("Writing info struct"); - - /* Write the info in two steps so that if we write the 'unknown' chunks here - * they go to the correct place. - */ - png_write_info_before_PLTE(write_ptr, write_info_ptr); - - write_chunks(write_ptr, before_PLTE); /* before PLTE */ - - png_write_info(write_ptr, write_info_ptr); - - write_chunks(write_ptr, before_IDAT); /* after PLTE */ -#endif - -#ifdef SINGLE_ROWBUF_ALLOC - pngtest_debug("Allocating row buffer..."); - row_buf = (png_bytep)png_malloc(read_ptr, - png_get_rowbytes(read_ptr, read_info_ptr)); - - pngtest_debug1("\t0x%08lx", (unsigned long)row_buf); -#endif /* SINGLE_ROWBUF_ALLOC */ - pngtest_debug("Writing row data"); - -#if defined(PNG_READ_INTERLACING_SUPPORTED) &&\ - defined(PNG_WRITE_INTERLACING_SUPPORTED) - /* Both must be defined for libpng to be able to handle the interlace, - * otherwise it gets handled below by simply reading and writing the passes - * directly. - */ - if (png_set_interlace_handling(read_ptr) != num_passes) - png_error(write_ptr, - "png_set_interlace_handling(read): wrong pass count "); - if (png_set_interlace_handling(write_ptr) != num_passes) - png_error(write_ptr, - "png_set_interlace_handling(write): wrong pass count "); -#else /* png_set_interlace_handling not called on either read or write */ -# define calc_pass_height -#endif /* not using libpng interlace handling */ - -#ifdef PNGTEST_TIMING - t_stop = (float)clock(); - t_misc += (t_stop - t_start); - t_start = t_stop; -#endif - for (pass = 0; pass < num_passes; pass++) - { -# ifdef calc_pass_height - png_uint_32 pass_height; - - if (num_passes == 7) /* interlaced */ - { - if (PNG_PASS_COLS(width, pass) > 0) - pass_height = PNG_PASS_ROWS(height, pass); - - else - pass_height = 0; - } - - else /* not interlaced */ - pass_height = height; -# else -# define pass_height height -# endif - - pngtest_debug1("Writing row data for pass %d", pass); - for (y = 0; y < pass_height; y++) - { -#ifndef SINGLE_ROWBUF_ALLOC - pngtest_debug2("Allocating row buffer (pass %d, y = %u)...", pass, y); - - row_buf = (png_bytep)png_malloc(read_ptr, - png_get_rowbytes(read_ptr, read_info_ptr)); - - pngtest_debug2("\t0x%08lx (%lu bytes)", (unsigned long)row_buf, - (unsigned long)png_get_rowbytes(read_ptr, read_info_ptr)); - -#endif /* !SINGLE_ROWBUF_ALLOC */ - png_read_rows(read_ptr, (png_bytepp)&row_buf, NULL, 1); - -#ifdef PNG_WRITE_SUPPORTED -#ifdef PNGTEST_TIMING - t_stop = (float)clock(); - t_decode += (t_stop - t_start); - t_start = t_stop; -#endif - png_write_rows(write_ptr, (png_bytepp)&row_buf, 1); -#ifdef PNGTEST_TIMING - t_stop = (float)clock(); - t_encode += (t_stop - t_start); - t_start = t_stop; -#endif -#endif /* WRITE */ - -#ifndef SINGLE_ROWBUF_ALLOC - pngtest_debug2("Freeing row buffer (pass %d, y = %u)", pass, y); - png_free(read_ptr, row_buf); - row_buf = NULL; -#endif /* !SINGLE_ROWBUF_ALLOC */ - } - } - -#ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED -# ifdef PNG_READ_UNKNOWN_CHUNKS_SUPPORTED - png_free_data(read_ptr, read_info_ptr, PNG_FREE_UNKN, -1); -# endif -# ifdef PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED - png_free_data(write_ptr, write_info_ptr, PNG_FREE_UNKN, -1); -# endif -#endif - - pngtest_debug("Reading and writing end_info data"); - - png_read_end(read_ptr, end_info_ptr); -#ifdef PNG_TEXT_SUPPORTED - { - png_textp text_ptr; - int num_text; - - if (png_get_text(read_ptr, end_info_ptr, &text_ptr, &num_text) > 0) - { - pngtest_debug1("Handling %d iTXt/tEXt/zTXt chunks", num_text); - - pngtest_check_text_support(read_ptr, text_ptr, num_text); - - if (verbose != 0) - { - int i; - - printf("\n"); - for (i=0; i<num_text; i++) - { - printf(" Text compression[%d]=%d\n", - i, text_ptr[i].compression); - } - } - - png_set_text(write_ptr, write_end_info_ptr, text_ptr, num_text); - } - } -#endif -#ifdef PNG_tIME_SUPPORTED - { - png_timep mod_time; - - if (png_get_tIME(read_ptr, end_info_ptr, &mod_time) != 0) - { - png_set_tIME(write_ptr, write_end_info_ptr, mod_time); -#ifdef PNG_TIME_RFC1123_SUPPORTED - if (png_convert_to_rfc1123_buffer(tIME_string, mod_time) != 0) - tIME_string[(sizeof tIME_string) - 1] = '\0'; - - else - { - strncpy(tIME_string, "*** invalid time ***", sizeof tIME_string); - tIME_string[(sizeof tIME_string)-1] = '\0'; - } - - tIME_chunk_present++; -#endif /* TIME_RFC1123 */ - } - } -#endif -#ifdef PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED - { - png_unknown_chunkp unknowns; - int num_unknowns = png_get_unknown_chunks(read_ptr, end_info_ptr, - &unknowns); - - if (num_unknowns != 0) - { - png_set_unknown_chunks(write_ptr, write_end_info_ptr, unknowns, - num_unknowns); -#if PNG_LIBPNG_VER < 10600 - /* Copy the locations from the read_info_ptr. The automatically - * generated locations in write_end_info_ptr are wrong prior to 1.6.0 - * because they are reset from the write pointer (removed in 1.6.0). - */ - { - int i; - for (i = 0; i < num_unknowns; i++) - png_set_unknown_chunk_location(write_ptr, write_end_info_ptr, i, - unknowns[i].location); - } -#endif - } - } -#endif - -#ifdef PNG_WRITE_SUPPORTED -#ifdef PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION_SUPPORTED - /* Normally one would use Z_DEFAULT_STRATEGY for text compression. - * This is here just to make pngtest replicate the results from libpng - * versions prior to 1.5.4, and to test this new API. - */ - png_set_text_compression_strategy(write_ptr, Z_FILTERED); -#endif - - /* When the unknown vpAg/sTER chunks are written by pngtest the only way to - * do it is to write them *before* calling png_write_end. When unknown - * chunks are written by libpng, however, they are written just before IEND. - * There seems to be no way round this, however vpAg/sTER are not expected - * after IDAT. - */ - write_chunks(write_ptr, after_IDAT); - - png_write_end(write_ptr, write_end_info_ptr); -#endif - -#ifdef PNG_EASY_ACCESS_SUPPORTED - if (verbose != 0) - { - png_uint_32 iwidth, iheight; - iwidth = png_get_image_width(write_ptr, write_info_ptr); - iheight = png_get_image_height(write_ptr, write_info_ptr); - fprintf(STDERR, "\n Image width = %lu, height = %lu\n", - (unsigned long)iwidth, (unsigned long)iheight); - } -#endif - - pngtest_debug("Destroying data structs"); -#ifdef SINGLE_ROWBUF_ALLOC - pngtest_debug("destroying row_buf for read_ptr"); - png_free(read_ptr, row_buf); - row_buf = NULL; -#endif /* SINGLE_ROWBUF_ALLOC */ - pngtest_debug("destroying read_ptr, read_info_ptr, end_info_ptr"); - png_destroy_read_struct(&read_ptr, &read_info_ptr, &end_info_ptr); -#ifdef PNG_WRITE_SUPPORTED - pngtest_debug("destroying write_end_info_ptr"); - png_destroy_info_struct(write_ptr, &write_end_info_ptr); - pngtest_debug("destroying write_ptr, write_info_ptr"); - png_destroy_write_struct(&write_ptr, &write_info_ptr); -#endif - pngtest_debug("Destruction complete."); - - FCLOSE(fpin); - FCLOSE(fpout); - - /* Summarize any warnings or errors and in 'strict' mode fail the test. - * Unsupported chunks can result in warnings, in that case ignore the strict - * setting, otherwise fail the test on warnings as well as errors. - */ - if (error_count > 0) - { - /* We don't really expect to get here because of the setjmp handling - * above, but this is safe. - */ - fprintf(STDERR, "\n %s: %d libpng errors found (%d warnings)", - inname, error_count, warning_count); - - if (strict != 0) - return (1); - } - -# ifdef PNG_WRITE_SUPPORTED - /* If there is no write support nothing was written! */ - else if (unsupported_chunks > 0) - { - fprintf(STDERR, "\n %s: unsupported chunks (%d)%s", - inname, unsupported_chunks, strict ? ": IGNORED --strict!" : ""); - } -# endif - - else if (warning_count > 0) - { - fprintf(STDERR, "\n %s: %d libpng warnings found", - inname, warning_count); - - if (strict != 0) - return (1); - } - - pngtest_debug("Opening files for comparison"); - if ((fpin = fopen(inname, "rb")) == NULL) - { - fprintf(STDERR, "Could not find file %s\n", inname); - return (1); - } - - if ((fpout = fopen(outname, "rb")) == NULL) - { - fprintf(STDERR, "Could not find file %s\n", outname); - FCLOSE(fpin); - return (1); - } - -#if defined (PNG_WRITE_SUPPORTED) /* else nothing was written */ &&\ - defined (PNG_WRITE_FILTER_SUPPORTED) - if (interlace_preserved != 0) /* else the files will be changed */ - { - for (;;) - { - static int wrote_question = 0; - png_size_t num_in, num_out; - char inbuf[256], outbuf[256]; - - num_in = fread(inbuf, 1, sizeof inbuf, fpin); - num_out = fread(outbuf, 1, sizeof outbuf, fpout); - - if (num_in != num_out) - { - fprintf(STDERR, "\nFiles %s and %s are of a different size\n", - inname, outname); - - if (wrote_question == 0 && unsupported_chunks == 0) - { - fprintf(STDERR, - " Was %s written with the same maximum IDAT chunk size (%d bytes),", - inname, PNG_ZBUF_SIZE); - fprintf(STDERR, - "\n filtering heuristic (libpng default), compression"); - fprintf(STDERR, - " level (zlib default),\n and zlib version (%s)?\n\n", - ZLIB_VERSION); - wrote_question = 1; - } - - FCLOSE(fpin); - FCLOSE(fpout); - - if (strict != 0 && unsupported_chunks == 0) - return (1); - - else - return (0); - } - - if (num_in == 0) - break; - - if (memcmp(inbuf, outbuf, num_in)) - { - fprintf(STDERR, "\nFiles %s and %s are different\n", inname, - outname); - - if (wrote_question == 0 && unsupported_chunks == 0) - { - fprintf(STDERR, - " Was %s written with the same maximum IDAT chunk size (%d bytes),", - inname, PNG_ZBUF_SIZE); - fprintf(STDERR, - "\n filtering heuristic (libpng default), compression"); - fprintf(STDERR, - " level (zlib default),\n and zlib version (%s)?\n\n", - ZLIB_VERSION); - wrote_question = 1; - } - - FCLOSE(fpin); - FCLOSE(fpout); - - /* NOTE: the unsupported_chunks escape is permitted here because - * unsupported text chunk compression will result in the compression - * mode being changed (to NONE) yet, in the test case, the result - * can be exactly the same size! - */ - if (strict != 0 && unsupported_chunks == 0) - return (1); - - else - return (0); - } - } - } -#endif /* WRITE && WRITE_FILTER */ - - FCLOSE(fpin); - FCLOSE(fpout); - - return (0); -} - -/* Input and output filenames */ -#ifdef RISCOS -static PNG_CONST char *inname = "pngtest/png"; -static PNG_CONST char *outname = "pngout/png"; -#else -static PNG_CONST char *inname = "pngtest.png"; -static PNG_CONST char *outname = "pngout.png"; -#endif - -int -main(int argc, char *argv[]) -{ - int multiple = 0; - int ierror = 0; - - png_structp dummy_ptr; - - fprintf(STDERR, "\n Testing libpng version %s\n", PNG_LIBPNG_VER_STRING); - fprintf(STDERR, " with zlib version %s\n", ZLIB_VERSION); - fprintf(STDERR, "%s", png_get_copyright(NULL)); - /* Show the version of libpng used in building the library */ - fprintf(STDERR, " library (%lu):%s", - (unsigned long)png_access_version_number(), - png_get_header_version(NULL)); - - /* Show the version of libpng used in building the application */ - fprintf(STDERR, " pngtest (%lu):%s", (unsigned long)PNG_LIBPNG_VER, - PNG_HEADER_VERSION_STRING); - - /* Do some consistency checking on the memory allocation settings, I'm - * not sure this matters, but it is nice to know, the first of these - * tests should be impossible because of the way the macros are set - * in pngconf.h - */ -#if defined(MAXSEG_64K) && !defined(PNG_MAX_MALLOC_64K) - fprintf(STDERR, " NOTE: Zlib compiled for max 64k, libpng not\n"); -#endif - /* I think the following can happen. */ -#if !defined(MAXSEG_64K) && defined(PNG_MAX_MALLOC_64K) - fprintf(STDERR, " NOTE: libpng compiled for max 64k, zlib not\n"); -#endif - - if (strcmp(png_libpng_ver, PNG_LIBPNG_VER_STRING)) - { - fprintf(STDERR, - "Warning: versions are different between png.h and png.c\n"); - fprintf(STDERR, " png.h version: %s\n", PNG_LIBPNG_VER_STRING); - fprintf(STDERR, " png.c version: %s\n\n", png_libpng_ver); - ++ierror; - } - - if (argc > 1) - { - if (strcmp(argv[1], "-m") == 0) - { - multiple = 1; - status_dots_requested = 0; - } - - else if (strcmp(argv[1], "-mv") == 0 || - strcmp(argv[1], "-vm") == 0 ) - { - multiple = 1; - verbose = 1; - status_dots_requested = 1; - } - - else if (strcmp(argv[1], "-v") == 0) - { - verbose = 1; - status_dots_requested = 1; - inname = argv[2]; - } - - else if (strcmp(argv[1], "--strict") == 0) - { - status_dots_requested = 0; - verbose = 1; - inname = argv[2]; - strict++; - relaxed = 0; - } - - else if (strcmp(argv[1], "--relaxed") == 0) - { - status_dots_requested = 0; - verbose = 1; - inname = argv[2]; - strict = 0; - relaxed++; - } - - else - { - inname = argv[1]; - status_dots_requested = 0; - } - } - - if (multiple == 0 && argc == 3 + verbose) - outname = argv[2 + verbose]; - - if ((multiple == 0 && argc > 3 + verbose) || - (multiple != 0 && argc < 2)) - { - fprintf(STDERR, - "usage: %s [infile.png] [outfile.png]\n\t%s -m {infile.png}\n", - argv[0], argv[0]); - fprintf(STDERR, - " reads/writes one PNG file (without -m) or multiple files (-m)\n"); - fprintf(STDERR, - " with -m %s is used as a temporary file\n", outname); - exit(1); - } - - if (multiple != 0) - { - int i; -#if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG - int allocation_now = current_allocation; -#endif - for (i=2; i<argc; ++i) - { - int kerror; - fprintf(STDERR, "\n Testing %s:", argv[i]); -#if PNG_DEBUG > 0 - fprintf(STDERR, "\n"); -#endif - kerror = test_one_file(argv[i], outname); - if (kerror == 0) - { -#ifdef PNG_WRITE_USER_TRANSFORM_SUPPORTED - fprintf(STDERR, "\n PASS (%lu zero samples)\n", - (unsigned long)zero_samples); -#else - fprintf(STDERR, " PASS\n"); -#endif -#ifdef PNG_TIME_RFC1123_SUPPORTED - if (tIME_chunk_present != 0) - fprintf(STDERR, " tIME = %s\n", tIME_string); - - tIME_chunk_present = 0; -#endif /* TIME_RFC1123 */ - } - - else - { - fprintf(STDERR, " FAIL\n"); - ierror += kerror; - } -#if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG - if (allocation_now != current_allocation) - fprintf(STDERR, "MEMORY ERROR: %d bytes lost\n", - current_allocation - allocation_now); - - if (current_allocation != 0) - { - memory_infop pinfo = pinformation; - - fprintf(STDERR, "MEMORY ERROR: %d bytes still allocated\n", - current_allocation); - - while (pinfo != NULL) - { - fprintf(STDERR, " %lu bytes at %p\n", - (unsigned long)pinfo->size, - pinfo->pointer); - pinfo = pinfo->next; - } - } -#endif - } -#if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG - fprintf(STDERR, " Current memory allocation: %10d bytes\n", - current_allocation); - fprintf(STDERR, " Maximum memory allocation: %10d bytes\n", - maximum_allocation); - fprintf(STDERR, " Total memory allocation: %10d bytes\n", - total_allocation); - fprintf(STDERR, " Number of allocations: %10d\n", - num_allocations); -#endif - } - - else - { - int i; - for (i = 0; i<3; ++i) - { - int kerror; -#if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG - int allocation_now = current_allocation; -#endif - if (i == 1) - status_dots_requested = 1; - - else if (verbose == 0) - status_dots_requested = 0; - - if (i == 0 || verbose == 1 || ierror != 0) - { - fprintf(STDERR, "\n Testing %s:", inname); -#if PNG_DEBUG > 0 - fprintf(STDERR, "\n"); -#endif - } - - kerror = test_one_file(inname, outname); - - if (kerror == 0) - { - if (verbose == 1 || i == 2) - { -#ifdef PNG_WRITE_USER_TRANSFORM_SUPPORTED - fprintf(STDERR, "\n PASS (%lu zero samples)\n", - (unsigned long)zero_samples); -#else - fprintf(STDERR, " PASS\n"); -#endif -#ifdef PNG_TIME_RFC1123_SUPPORTED - if (tIME_chunk_present != 0) - fprintf(STDERR, " tIME = %s\n", tIME_string); -#endif /* TIME_RFC1123 */ - } - } - - else - { - if (verbose == 0 && i != 2) - { - fprintf(STDERR, "\n Testing %s:", inname); -#if PNG_DEBUG > 0 - fprintf(STDERR, "\n"); -#endif - } - - fprintf(STDERR, " FAIL\n"); - ierror += kerror; - } -#if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG - if (allocation_now != current_allocation) - fprintf(STDERR, "MEMORY ERROR: %d bytes lost\n", - current_allocation - allocation_now); - - if (current_allocation != 0) - { - memory_infop pinfo = pinformation; - - fprintf(STDERR, "MEMORY ERROR: %d bytes still allocated\n", - current_allocation); - - while (pinfo != NULL) - { - fprintf(STDERR, " %lu bytes at %p\n", - (unsigned long)pinfo->size, pinfo->pointer); - pinfo = pinfo->next; - } - } -#endif - } -#if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG - fprintf(STDERR, " Current memory allocation: %10d bytes\n", - current_allocation); - fprintf(STDERR, " Maximum memory allocation: %10d bytes\n", - maximum_allocation); - fprintf(STDERR, " Total memory allocation: %10d bytes\n", - total_allocation); - fprintf(STDERR, " Number of allocations: %10d\n", - num_allocations); -#endif - } - -#ifdef PNGTEST_TIMING - t_stop = (float)clock(); - t_misc += (t_stop - t_start); - t_start = t_stop; - fprintf(STDERR, " CPU time used = %.3f seconds", - (t_misc+t_decode+t_encode)/(float)CLOCKS_PER_SEC); - fprintf(STDERR, " (decoding %.3f,\n", - t_decode/(float)CLOCKS_PER_SEC); - fprintf(STDERR, " encoding %.3f ,", - t_encode/(float)CLOCKS_PER_SEC); - fprintf(STDERR, " other %.3f seconds)\n\n", - t_misc/(float)CLOCKS_PER_SEC); -#endif - - if (ierror == 0) - fprintf(STDERR, " libpng passes test\n"); - - else - fprintf(STDERR, " libpng FAILS test\n"); - - dummy_ptr = png_create_read_struct(PNG_LIBPNG_VER_STRING, NULL, NULL, NULL); - fprintf(STDERR, " Default limits:\n"); - fprintf(STDERR, " width_max = %lu\n", - (unsigned long) png_get_user_width_max(dummy_ptr)); - fprintf(STDERR, " height_max = %lu\n", - (unsigned long) png_get_user_height_max(dummy_ptr)); - if (png_get_chunk_cache_max(dummy_ptr) == 0) - fprintf(STDERR, " cache_max = unlimited\n"); - else - fprintf(STDERR, " cache_max = %lu\n", - (unsigned long) png_get_chunk_cache_max(dummy_ptr)); - if (png_get_chunk_malloc_max(dummy_ptr) == 0) - fprintf(STDERR, " malloc_max = unlimited\n"); - else - fprintf(STDERR, " malloc_max = %lu\n", - (unsigned long) png_get_chunk_malloc_max(dummy_ptr)); - png_destroy_read_struct(&dummy_ptr, NULL, NULL); - - return (int)(ierror != 0); -} -#else -int -main(void) -{ - fprintf(STDERR, - " test ignored because libpng was not built with read support\n"); - /* And skip this test */ - return PNG_LIBPNG_VER < 10600 ? 0 : 77; -} -#endif - -/* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_20 Your_png_h_is_not_version_1_6_20;
--- a/src/share/native/sun/awt/libpng/pngtrans.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/awt/libpng/pngtrans.c Wed Jul 19 05:41:28 2017 +0100 @@ -29,8 +29,8 @@ * However, the following notice accompanied the original version of this * file and, per its terms, should not be removed: * - * Last changed in libpng 1.6.18 [July 23, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.26 [October 20, 2016] + * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -200,13 +200,14 @@ * size! */ png_app_error(png_ptr, - "png_set_filler is invalid for low bit depth gray output"); + "png_set_filler is invalid for" + " low bit depth gray output"); return; } default: png_app_error(png_ptr, - "png_set_filler: inappropriate color type"); + "png_set_filler: inappropriate color type"); return; } # else @@ -622,7 +623,7 @@ return; /* The filler channel has gone already */ /* Fix the rowbytes value. */ - row_info->rowbytes = dp-row; + row_info->rowbytes = (unsigned int)(dp-row); } #endif @@ -720,7 +721,7 @@ * and this calculation is used because it avoids warnings that other * forms produced on either GCC or MSVC. */ - int padding = (-row_info->pixel_depth * row_info->width) & 7; + int padding = PNG_PADBITS(row_info->pixel_depth, row_info->width); png_bytep rp = png_ptr->row_buf + row_info->rowbytes; switch (row_info->bit_depth) @@ -825,7 +826,7 @@ (png_ptr->flags & PNG_FLAG_ROW_INIT) != 0) { png_app_error(png_ptr, - "info change after png_start_read_image or png_read_update_info"); + "info change after png_start_read_image or png_read_update_info"); return; } #endif
--- a/src/share/native/sun/awt/libpng/pngwio.c Tue Jul 11 03:45:17 2017 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,196 +0,0 @@ -/* - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* pngwio.c - functions for data output - * - * This file is available under and governed by the GNU General Public - * License version 2 only, as published by the Free Software Foundation. - * However, the following notice accompanied the original version of this - * file and, per its terms, should not be removed: - * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) - * - * This code is released under the libpng license. - * For conditions of distribution and use, see the disclaimer - * and license in png.h - * - * This file provides a location for all output. Users who need - * special handling are expected to write functions that have the same - * arguments as these and perform similar functions, but that possibly - * use different output methods. Note that you shouldn't change these - * functions, but rather write replacement functions and then change - * them at run time with png_set_write_fn(...). - */ - -#include "pngpriv.h" - -#ifdef PNG_WRITE_SUPPORTED - -/* Write the data to whatever output you are using. The default routine - * writes to a file pointer. Note that this routine sometimes gets called - * with very small lengths, so you should implement some kind of simple - * buffering if you are using unbuffered writes. This should never be asked - * to write more than 64K on a 16-bit machine. - */ - -void /* PRIVATE */ -png_write_data(png_structrp png_ptr, png_const_bytep data, png_size_t length) -{ - /* NOTE: write_data_fn must not change the buffer! */ - if (png_ptr->write_data_fn != NULL ) - (*(png_ptr->write_data_fn))(png_ptr, png_constcast(png_bytep,data), - length); - - else - png_error(png_ptr, "Call to NULL write function"); -} - -#ifdef PNG_STDIO_SUPPORTED -/* This is the function that does the actual writing of data. If you are - * not writing to a standard C stream, you should create a replacement - * write_data function and use it at run time with png_set_write_fn(), rather - * than changing the library. - */ -void PNGCBAPI -png_default_write_data(png_structp png_ptr, png_bytep data, png_size_t length) -{ - png_size_t check; - - if (png_ptr == NULL) - return; - - check = fwrite(data, 1, length, (png_FILE_p)(png_ptr->io_ptr)); - - if (check != length) - png_error(png_ptr, "Write Error"); -} -#endif - -/* This function is called to output any data pending writing (normally - * to disk). After png_flush is called, there should be no data pending - * writing in any buffers. - */ -#ifdef PNG_WRITE_FLUSH_SUPPORTED -void /* PRIVATE */ -png_flush(png_structrp png_ptr) -{ - if (png_ptr->output_flush_fn != NULL) - (*(png_ptr->output_flush_fn))(png_ptr); -} - -# ifdef PNG_STDIO_SUPPORTED -void PNGCBAPI -png_default_flush(png_structp png_ptr) -{ - png_FILE_p io_ptr; - - if (png_ptr == NULL) - return; - - io_ptr = png_voidcast(png_FILE_p, (png_ptr->io_ptr)); - fflush(io_ptr); -} -# endif -#endif - -/* This function allows the application to supply new output functions for - * libpng if standard C streams aren't being used. - * - * This function takes as its arguments: - * png_ptr - pointer to a png output data structure - * io_ptr - pointer to user supplied structure containing info about - * the output functions. May be NULL. - * write_data_fn - pointer to a new output function that takes as its - * arguments a pointer to a png_struct, a pointer to - * data to be written, and a 32-bit unsigned int that is - * the number of bytes to be written. The new write - * function should call png_error(png_ptr, "Error msg") - * to exit and output any fatal error messages. May be - * NULL, in which case libpng's default function will - * be used. - * flush_data_fn - pointer to a new flush function that takes as its - * arguments a pointer to a png_struct. After a call to - * the flush function, there should be no data in any buffers - * or pending transmission. If the output method doesn't do - * any buffering of output, a function prototype must still be - * supplied although it doesn't have to do anything. If - * PNG_WRITE_FLUSH_SUPPORTED is not defined at libpng compile - * time, output_flush_fn will be ignored, although it must be - * supplied for compatibility. May be NULL, in which case - * libpng's default function will be used, if - * PNG_WRITE_FLUSH_SUPPORTED is defined. This is not - * a good idea if io_ptr does not point to a standard - * *FILE structure. - */ -void PNGAPI -png_set_write_fn(png_structrp png_ptr, png_voidp io_ptr, - png_rw_ptr write_data_fn, png_flush_ptr output_flush_fn) -{ - if (png_ptr == NULL) - return; - - png_ptr->io_ptr = io_ptr; - -#ifdef PNG_STDIO_SUPPORTED - if (write_data_fn != NULL) - png_ptr->write_data_fn = write_data_fn; - - else - png_ptr->write_data_fn = png_default_write_data; -#else - png_ptr->write_data_fn = write_data_fn; -#endif - -#ifdef PNG_WRITE_FLUSH_SUPPORTED -# ifdef PNG_STDIO_SUPPORTED - - if (output_flush_fn != NULL) - png_ptr->output_flush_fn = output_flush_fn; - - else - png_ptr->output_flush_fn = png_default_flush; - -# else - png_ptr->output_flush_fn = output_flush_fn; -# endif -#else - PNG_UNUSED(output_flush_fn) -#endif /* WRITE_FLUSH */ - -#ifdef PNG_READ_SUPPORTED - /* It is an error to read while writing a png file */ - if (png_ptr->read_data_fn != NULL) - { - png_ptr->read_data_fn = NULL; - - png_warning(png_ptr, - "Can't set both read_data_fn and write_data_fn in the" - " same structure"); - } -#endif -} -#endif /* WRITE */
--- a/src/share/native/sun/awt/libpng/pngwrite.c Tue Jul 11 03:45:17 2017 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,2258 +0,0 @@ -/* - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* pngwrite.c - general routines to write a PNG file - * - * This file is available under and governed by the GNU General Public - * License version 2 only, as published by the Free Software Foundation. - * However, the following notice accompanied the original version of this - * file and, per its terms, should not be removed: - * - * Last changed in libpng 1.6.19 [November 12, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) - * - * This code is released under the libpng license. - * For conditions of distribution and use, see the disclaimer - * and license in png.h - */ - -#include "pngpriv.h" -#if defined(PNG_SIMPLIFIED_WRITE_SUPPORTED) && defined(PNG_STDIO_SUPPORTED) -# include <errno.h> -#endif - -#ifdef PNG_WRITE_SUPPORTED - -#ifdef PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED -/* Write out all the unknown chunks for the current given location */ -static void -write_unknown_chunks(png_structrp png_ptr, png_const_inforp info_ptr, - unsigned int where) -{ - if (info_ptr->unknown_chunks_num != 0) - { - png_const_unknown_chunkp up; - - png_debug(5, "writing extra chunks"); - - for (up = info_ptr->unknown_chunks; - up < info_ptr->unknown_chunks + info_ptr->unknown_chunks_num; - ++up) - if ((up->location & where) != 0) - { - /* If per-chunk unknown chunk handling is enabled use it, otherwise - * just write the chunks the application has set. - */ -#ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED - int keep = png_handle_as_unknown(png_ptr, up->name); - - /* NOTE: this code is radically different from the read side in the - * matter of handling an ancillary unknown chunk. In the read side - * the default behavior is to discard it, in the code below the default - * behavior is to write it. Critical chunks are, however, only - * written if explicitly listed or if the default is set to write all - * unknown chunks. - * - * The default handling is also slightly weird - it is not possible to - * stop the writing of all unsafe-to-copy chunks! - * - * TODO: REVIEW: this would seem to be a bug. - */ - if (keep != PNG_HANDLE_CHUNK_NEVER && - ((up->name[3] & 0x20) /* safe-to-copy overrides everything */ || - keep == PNG_HANDLE_CHUNK_ALWAYS || - (keep == PNG_HANDLE_CHUNK_AS_DEFAULT && - png_ptr->unknown_default == PNG_HANDLE_CHUNK_ALWAYS))) -#endif - { - /* TODO: review, what is wrong with a zero length unknown chunk? */ - if (up->size == 0) - png_warning(png_ptr, "Writing zero-length unknown chunk"); - - png_write_chunk(png_ptr, up->name, up->data, up->size); - } - } - } -} -#endif /* WRITE_UNKNOWN_CHUNKS */ - -/* Writes all the PNG information. This is the suggested way to use the - * library. If you have a new chunk to add, make a function to write it, - * and put it in the correct location here. If you want the chunk written - * after the image data, put it in png_write_end(). I strongly encourage - * you to supply a PNG_INFO_ flag, and check info_ptr->valid before writing - * the chunk, as that will keep the code from breaking if you want to just - * write a plain PNG file. If you have long comments, I suggest writing - * them in png_write_end(), and compressing them. - */ -void PNGAPI -png_write_info_before_PLTE(png_structrp png_ptr, png_const_inforp info_ptr) -{ - png_debug(1, "in png_write_info_before_PLTE"); - - if (png_ptr == NULL || info_ptr == NULL) - return; - - if ((png_ptr->mode & PNG_WROTE_INFO_BEFORE_PLTE) == 0) - { - /* Write PNG signature */ - png_write_sig(png_ptr); - -#ifdef PNG_MNG_FEATURES_SUPPORTED - if ((png_ptr->mode & PNG_HAVE_PNG_SIGNATURE) != 0 && \ - png_ptr->mng_features_permitted != 0) - { - png_warning(png_ptr, - "MNG features are not allowed in a PNG datastream"); - png_ptr->mng_features_permitted = 0; - } -#endif - - /* Write IHDR information. */ - png_write_IHDR(png_ptr, info_ptr->width, info_ptr->height, - info_ptr->bit_depth, info_ptr->color_type, info_ptr->compression_type, - info_ptr->filter_type, -#ifdef PNG_WRITE_INTERLACING_SUPPORTED - info_ptr->interlace_type -#else - 0 -#endif - ); - - /* The rest of these check to see if the valid field has the appropriate - * flag set, and if it does, writes the chunk. - * - * 1.6.0: COLORSPACE support controls the writing of these chunks too, and - * the chunks will be written if the WRITE routine is there and - * information * is available in the COLORSPACE. (See - * png_colorspace_sync_info in png.c for where the valid flags get set.) - * - * Under certain circumstances the colorspace can be invalidated without - * syncing the info_struct 'valid' flags; this happens if libpng detects - * an error and calls png_error while the color space is being set, yet - * the application continues writing the PNG. So check the 'invalid' - * flag here too. - */ -#ifdef PNG_GAMMA_SUPPORTED -# ifdef PNG_WRITE_gAMA_SUPPORTED - if ((info_ptr->colorspace.flags & PNG_COLORSPACE_INVALID) == 0 && - (info_ptr->colorspace.flags & PNG_COLORSPACE_FROM_gAMA) != 0 && - (info_ptr->valid & PNG_INFO_gAMA) != 0) - png_write_gAMA_fixed(png_ptr, info_ptr->colorspace.gamma); -# endif -#endif - -#ifdef PNG_COLORSPACE_SUPPORTED - /* Write only one of sRGB or an ICC profile. If a profile was supplied - * and it matches one of the known sRGB ones issue a warning. - */ -# ifdef PNG_WRITE_iCCP_SUPPORTED - if ((info_ptr->colorspace.flags & PNG_COLORSPACE_INVALID) == 0 && - (info_ptr->valid & PNG_INFO_iCCP) != 0) - { -# ifdef PNG_WRITE_sRGB_SUPPORTED - if ((info_ptr->valid & PNG_INFO_sRGB) != 0) - png_app_warning(png_ptr, - "profile matches sRGB but writing iCCP instead"); -# endif - - png_write_iCCP(png_ptr, info_ptr->iccp_name, - info_ptr->iccp_profile); - } -# ifdef PNG_WRITE_sRGB_SUPPORTED - else -# endif -# endif - -# ifdef PNG_WRITE_sRGB_SUPPORTED - if ((info_ptr->colorspace.flags & PNG_COLORSPACE_INVALID) == 0 && - (info_ptr->valid & PNG_INFO_sRGB) != 0) - png_write_sRGB(png_ptr, info_ptr->colorspace.rendering_intent); -# endif /* WRITE_sRGB */ -#endif /* COLORSPACE */ - -#ifdef PNG_WRITE_sBIT_SUPPORTED - if ((info_ptr->valid & PNG_INFO_sBIT) != 0) - png_write_sBIT(png_ptr, &(info_ptr->sig_bit), info_ptr->color_type); -#endif - -#ifdef PNG_COLORSPACE_SUPPORTED -# ifdef PNG_WRITE_cHRM_SUPPORTED - if ((info_ptr->colorspace.flags & PNG_COLORSPACE_INVALID) == 0 && - (info_ptr->colorspace.flags & PNG_COLORSPACE_FROM_cHRM) != 0 && - (info_ptr->valid & PNG_INFO_cHRM) != 0) - png_write_cHRM_fixed(png_ptr, &info_ptr->colorspace.end_points_xy); -# endif -#endif - -#ifdef PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED - write_unknown_chunks(png_ptr, info_ptr, PNG_HAVE_IHDR); -#endif - - png_ptr->mode |= PNG_WROTE_INFO_BEFORE_PLTE; - } -} - -void PNGAPI -png_write_info(png_structrp png_ptr, png_const_inforp info_ptr) -{ -#if defined(PNG_WRITE_TEXT_SUPPORTED) || defined(PNG_WRITE_sPLT_SUPPORTED) - int i; -#endif - - png_debug(1, "in png_write_info"); - - if (png_ptr == NULL || info_ptr == NULL) - return; - - png_write_info_before_PLTE(png_ptr, info_ptr); - - if ((info_ptr->valid & PNG_INFO_PLTE) != 0) - png_write_PLTE(png_ptr, info_ptr->palette, - (png_uint_32)info_ptr->num_palette); - - else if (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) - png_error(png_ptr, "Valid palette required for paletted images"); - -#ifdef PNG_WRITE_tRNS_SUPPORTED - if ((info_ptr->valid & PNG_INFO_tRNS) !=0) - { -#ifdef PNG_WRITE_INVERT_ALPHA_SUPPORTED - /* Invert the alpha channel (in tRNS) */ - if ((png_ptr->transformations & PNG_INVERT_ALPHA) != 0 && - info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) - { - int j, jend; - - jend = info_ptr->num_trans; - if (jend > PNG_MAX_PALETTE_LENGTH) - jend = PNG_MAX_PALETTE_LENGTH; - - for (j = 0; j<jend; ++j) - info_ptr->trans_alpha[j] = - (png_byte)(255 - info_ptr->trans_alpha[j]); - } -#endif - png_write_tRNS(png_ptr, info_ptr->trans_alpha, &(info_ptr->trans_color), - info_ptr->num_trans, info_ptr->color_type); - } -#endif -#ifdef PNG_WRITE_bKGD_SUPPORTED - if ((info_ptr->valid & PNG_INFO_bKGD) != 0) - png_write_bKGD(png_ptr, &(info_ptr->background), info_ptr->color_type); -#endif - -#ifdef PNG_WRITE_hIST_SUPPORTED - if ((info_ptr->valid & PNG_INFO_hIST) != 0) - png_write_hIST(png_ptr, info_ptr->hist, info_ptr->num_palette); -#endif - -#ifdef PNG_WRITE_oFFs_SUPPORTED - if ((info_ptr->valid & PNG_INFO_oFFs) != 0) - png_write_oFFs(png_ptr, info_ptr->x_offset, info_ptr->y_offset, - info_ptr->offset_unit_type); -#endif - -#ifdef PNG_WRITE_pCAL_SUPPORTED - if ((info_ptr->valid & PNG_INFO_pCAL) != 0) - png_write_pCAL(png_ptr, info_ptr->pcal_purpose, info_ptr->pcal_X0, - info_ptr->pcal_X1, info_ptr->pcal_type, info_ptr->pcal_nparams, - info_ptr->pcal_units, info_ptr->pcal_params); -#endif - -#ifdef PNG_WRITE_sCAL_SUPPORTED - if ((info_ptr->valid & PNG_INFO_sCAL) != 0) - png_write_sCAL_s(png_ptr, (int)info_ptr->scal_unit, - info_ptr->scal_s_width, info_ptr->scal_s_height); -#endif /* sCAL */ - -#ifdef PNG_WRITE_pHYs_SUPPORTED - if ((info_ptr->valid & PNG_INFO_pHYs) != 0) - png_write_pHYs(png_ptr, info_ptr->x_pixels_per_unit, - info_ptr->y_pixels_per_unit, info_ptr->phys_unit_type); -#endif /* pHYs */ - -#ifdef PNG_WRITE_tIME_SUPPORTED - if ((info_ptr->valid & PNG_INFO_tIME) != 0) - { - png_write_tIME(png_ptr, &(info_ptr->mod_time)); - png_ptr->mode |= PNG_WROTE_tIME; - } -#endif /* tIME */ - -#ifdef PNG_WRITE_sPLT_SUPPORTED - if ((info_ptr->valid & PNG_INFO_sPLT) != 0) - for (i = 0; i < (int)info_ptr->splt_palettes_num; i++) - png_write_sPLT(png_ptr, info_ptr->splt_palettes + i); -#endif /* sPLT */ - -#ifdef PNG_WRITE_TEXT_SUPPORTED - /* Check to see if we need to write text chunks */ - for (i = 0; i < info_ptr->num_text; i++) - { - png_debug2(2, "Writing header text chunk %d, type %d", i, - info_ptr->text[i].compression); - /* An internationalized chunk? */ - if (info_ptr->text[i].compression > 0) - { -#ifdef PNG_WRITE_iTXt_SUPPORTED - /* Write international chunk */ - png_write_iTXt(png_ptr, - info_ptr->text[i].compression, - info_ptr->text[i].key, - info_ptr->text[i].lang, - info_ptr->text[i].lang_key, - info_ptr->text[i].text); - /* Mark this chunk as written */ - if (info_ptr->text[i].compression == PNG_TEXT_COMPRESSION_NONE) - info_ptr->text[i].compression = PNG_TEXT_COMPRESSION_NONE_WR; - else - info_ptr->text[i].compression = PNG_TEXT_COMPRESSION_zTXt_WR; -#else - png_warning(png_ptr, "Unable to write international text"); -#endif - } - - /* If we want a compressed text chunk */ - else if (info_ptr->text[i].compression == PNG_TEXT_COMPRESSION_zTXt) - { -#ifdef PNG_WRITE_zTXt_SUPPORTED - /* Write compressed chunk */ - png_write_zTXt(png_ptr, info_ptr->text[i].key, - info_ptr->text[i].text, info_ptr->text[i].compression); - /* Mark this chunk as written */ - info_ptr->text[i].compression = PNG_TEXT_COMPRESSION_zTXt_WR; -#else - png_warning(png_ptr, "Unable to write compressed text"); -#endif - } - - else if (info_ptr->text[i].compression == PNG_TEXT_COMPRESSION_NONE) - { -#ifdef PNG_WRITE_tEXt_SUPPORTED - /* Write uncompressed chunk */ - png_write_tEXt(png_ptr, info_ptr->text[i].key, - info_ptr->text[i].text, - 0); - /* Mark this chunk as written */ - info_ptr->text[i].compression = PNG_TEXT_COMPRESSION_NONE_WR; -#else - /* Can't get here */ - png_warning(png_ptr, "Unable to write uncompressed text"); -#endif - } - } -#endif /* tEXt */ - -#ifdef PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED - write_unknown_chunks(png_ptr, info_ptr, PNG_HAVE_PLTE); -#endif -} - -/* Writes the end of the PNG file. If you don't want to write comments or - * time information, you can pass NULL for info. If you already wrote these - * in png_write_info(), do not write them again here. If you have long - * comments, I suggest writing them here, and compressing them. - */ -void PNGAPI -png_write_end(png_structrp png_ptr, png_inforp info_ptr) -{ - png_debug(1, "in png_write_end"); - - if (png_ptr == NULL) - return; - - if ((png_ptr->mode & PNG_HAVE_IDAT) == 0) - png_error(png_ptr, "No IDATs written into file"); - -#ifdef PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED - if (png_ptr->num_palette_max > png_ptr->num_palette) - png_benign_error(png_ptr, "Wrote palette index exceeding num_palette"); -#endif - - /* See if user wants us to write information chunks */ - if (info_ptr != NULL) - { -#ifdef PNG_WRITE_TEXT_SUPPORTED - int i; /* local index variable */ -#endif -#ifdef PNG_WRITE_tIME_SUPPORTED - /* Check to see if user has supplied a time chunk */ - if ((info_ptr->valid & PNG_INFO_tIME) != 0 && - (png_ptr->mode & PNG_WROTE_tIME) == 0) - png_write_tIME(png_ptr, &(info_ptr->mod_time)); - -#endif -#ifdef PNG_WRITE_TEXT_SUPPORTED - /* Loop through comment chunks */ - for (i = 0; i < info_ptr->num_text; i++) - { - png_debug2(2, "Writing trailer text chunk %d, type %d", i, - info_ptr->text[i].compression); - /* An internationalized chunk? */ - if (info_ptr->text[i].compression > 0) - { -#ifdef PNG_WRITE_iTXt_SUPPORTED - /* Write international chunk */ - png_write_iTXt(png_ptr, - info_ptr->text[i].compression, - info_ptr->text[i].key, - info_ptr->text[i].lang, - info_ptr->text[i].lang_key, - info_ptr->text[i].text); - /* Mark this chunk as written */ - if (info_ptr->text[i].compression == PNG_TEXT_COMPRESSION_NONE) - info_ptr->text[i].compression = PNG_TEXT_COMPRESSION_NONE_WR; - else - info_ptr->text[i].compression = PNG_TEXT_COMPRESSION_zTXt_WR; -#else - png_warning(png_ptr, "Unable to write international text"); -#endif - } - - else if (info_ptr->text[i].compression >= PNG_TEXT_COMPRESSION_zTXt) - { -#ifdef PNG_WRITE_zTXt_SUPPORTED - /* Write compressed chunk */ - png_write_zTXt(png_ptr, info_ptr->text[i].key, - info_ptr->text[i].text, info_ptr->text[i].compression); - /* Mark this chunk as written */ - info_ptr->text[i].compression = PNG_TEXT_COMPRESSION_zTXt_WR; -#else - png_warning(png_ptr, "Unable to write compressed text"); -#endif - } - - else if (info_ptr->text[i].compression == PNG_TEXT_COMPRESSION_NONE) - { -#ifdef PNG_WRITE_tEXt_SUPPORTED - /* Write uncompressed chunk */ - png_write_tEXt(png_ptr, info_ptr->text[i].key, - info_ptr->text[i].text, 0); - /* Mark this chunk as written */ - info_ptr->text[i].compression = PNG_TEXT_COMPRESSION_NONE_WR; -#else - png_warning(png_ptr, "Unable to write uncompressed text"); -#endif - } - } -#endif -#ifdef PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED - write_unknown_chunks(png_ptr, info_ptr, PNG_AFTER_IDAT); -#endif - } - - png_ptr->mode |= PNG_AFTER_IDAT; - - /* Write end of PNG file */ - png_write_IEND(png_ptr); - - /* This flush, added in libpng-1.0.8, removed from libpng-1.0.9beta03, - * and restored again in libpng-1.2.30, may cause some applications that - * do not set png_ptr->output_flush_fn to crash. If your application - * experiences a problem, please try building libpng with - * PNG_WRITE_FLUSH_AFTER_IEND_SUPPORTED defined, and report the event to - * png-mng-implement at lists.sf.net . - */ -#ifdef PNG_WRITE_FLUSH_SUPPORTED -# ifdef PNG_WRITE_FLUSH_AFTER_IEND_SUPPORTED - png_flush(png_ptr); -# endif -#endif -} - -#ifdef PNG_CONVERT_tIME_SUPPORTED -void PNGAPI -png_convert_from_struct_tm(png_timep ptime, PNG_CONST struct tm * ttime) -{ - png_debug(1, "in png_convert_from_struct_tm"); - - ptime->year = (png_uint_16)(1900 + ttime->tm_year); - ptime->month = (png_byte)(ttime->tm_mon + 1); - ptime->day = (png_byte)ttime->tm_mday; - ptime->hour = (png_byte)ttime->tm_hour; - ptime->minute = (png_byte)ttime->tm_min; - ptime->second = (png_byte)ttime->tm_sec; -} - -void PNGAPI -png_convert_from_time_t(png_timep ptime, time_t ttime) -{ - struct tm *tbuf; - - png_debug(1, "in png_convert_from_time_t"); - - tbuf = gmtime(&ttime); - png_convert_from_struct_tm(ptime, tbuf); -} -#endif - -/* Initialize png_ptr structure, and allocate any memory needed */ -PNG_FUNCTION(png_structp,PNGAPI -png_create_write_struct,(png_const_charp user_png_ver, png_voidp error_ptr, - png_error_ptr error_fn, png_error_ptr warn_fn),PNG_ALLOCATED) -{ -#ifndef PNG_USER_MEM_SUPPORTED - png_structrp png_ptr = png_create_png_struct(user_png_ver, error_ptr, - error_fn, warn_fn, NULL, NULL, NULL); -#else - return png_create_write_struct_2(user_png_ver, error_ptr, error_fn, - warn_fn, NULL, NULL, NULL); -} - -/* Alternate initialize png_ptr structure, and allocate any memory needed */ -PNG_FUNCTION(png_structp,PNGAPI -png_create_write_struct_2,(png_const_charp user_png_ver, png_voidp error_ptr, - png_error_ptr error_fn, png_error_ptr warn_fn, png_voidp mem_ptr, - png_malloc_ptr malloc_fn, png_free_ptr free_fn),PNG_ALLOCATED) -{ - png_structrp png_ptr = png_create_png_struct(user_png_ver, error_ptr, - error_fn, warn_fn, mem_ptr, malloc_fn, free_fn); -#endif /* USER_MEM */ - if (png_ptr != NULL) - { - /* Set the zlib control values to defaults; they can be overridden by the - * application after the struct has been created. - */ - png_ptr->zbuffer_size = PNG_ZBUF_SIZE; - - /* The 'zlib_strategy' setting is irrelevant because png_default_claim in - * pngwutil.c defaults it according to whether or not filters will be - * used, and ignores this setting. - */ - png_ptr->zlib_strategy = PNG_Z_DEFAULT_STRATEGY; - png_ptr->zlib_level = PNG_Z_DEFAULT_COMPRESSION; - png_ptr->zlib_mem_level = 8; - png_ptr->zlib_window_bits = 15; - png_ptr->zlib_method = 8; - -#ifdef PNG_WRITE_COMPRESSED_TEXT_SUPPORTED - png_ptr->zlib_text_strategy = PNG_TEXT_Z_DEFAULT_STRATEGY; - png_ptr->zlib_text_level = PNG_TEXT_Z_DEFAULT_COMPRESSION; - png_ptr->zlib_text_mem_level = 8; - png_ptr->zlib_text_window_bits = 15; - png_ptr->zlib_text_method = 8; -#endif /* WRITE_COMPRESSED_TEXT */ - - /* This is a highly dubious configuration option; by default it is off, - * but it may be appropriate for private builds that are testing - * extensions not conformant to the current specification, or of - * applications that must not fail to write at all costs! - */ -#ifdef PNG_BENIGN_WRITE_ERRORS_SUPPORTED - /* In stable builds only warn if an application error can be completely - * handled. - */ - png_ptr->flags |= PNG_FLAG_BENIGN_ERRORS_WARN; -#endif - - /* App warnings are warnings in release (or release candidate) builds but - * are errors during development. - */ -#if PNG_RELEASE_BUILD - png_ptr->flags |= PNG_FLAG_APP_WARNINGS_WARN; -#endif - - /* TODO: delay this, it can be done in png_init_io() (if the app doesn't - * do it itself) avoiding setting the default function if it is not - * required. - */ - png_set_write_fn(png_ptr, NULL, NULL, NULL); - } - - return png_ptr; -} - - -/* Write a few rows of image data. If the image is interlaced, - * either you will have to write the 7 sub images, or, if you - * have called png_set_interlace_handling(), you will have to - * "write" the image seven times. - */ -void PNGAPI -png_write_rows(png_structrp png_ptr, png_bytepp row, - png_uint_32 num_rows) -{ - png_uint_32 i; /* row counter */ - png_bytepp rp; /* row pointer */ - - png_debug(1, "in png_write_rows"); - - if (png_ptr == NULL) - return; - - /* Loop through the rows */ - for (i = 0, rp = row; i < num_rows; i++, rp++) - { - png_write_row(png_ptr, *rp); - } -} - -/* Write the image. You only need to call this function once, even - * if you are writing an interlaced image. - */ -void PNGAPI -png_write_image(png_structrp png_ptr, png_bytepp image) -{ - png_uint_32 i; /* row index */ - int pass, num_pass; /* pass variables */ - png_bytepp rp; /* points to current row */ - - if (png_ptr == NULL) - return; - - png_debug(1, "in png_write_image"); - -#ifdef PNG_WRITE_INTERLACING_SUPPORTED - /* Initialize interlace handling. If image is not interlaced, - * this will set pass to 1 - */ - num_pass = png_set_interlace_handling(png_ptr); -#else - num_pass = 1; -#endif - /* Loop through passes */ - for (pass = 0; pass < num_pass; pass++) - { - /* Loop through image */ - for (i = 0, rp = image; i < png_ptr->height; i++, rp++) - { - png_write_row(png_ptr, *rp); - } - } -} - -#ifdef PNG_MNG_FEATURES_SUPPORTED -/* Performs intrapixel differencing */ -static void -png_do_write_intrapixel(png_row_infop row_info, png_bytep row) -{ - png_debug(1, "in png_do_write_intrapixel"); - - if ((row_info->color_type & PNG_COLOR_MASK_COLOR) != 0) - { - int bytes_per_pixel; - png_uint_32 row_width = row_info->width; - if (row_info->bit_depth == 8) - { - png_bytep rp; - png_uint_32 i; - - if (row_info->color_type == PNG_COLOR_TYPE_RGB) - bytes_per_pixel = 3; - - else if (row_info->color_type == PNG_COLOR_TYPE_RGB_ALPHA) - bytes_per_pixel = 4; - - else - return; - - for (i = 0, rp = row; i < row_width; i++, rp += bytes_per_pixel) - { - *(rp) = (png_byte)(*rp - *(rp + 1)); - *(rp + 2) = (png_byte)(*(rp + 2) - *(rp + 1)); - } - } - -#ifdef PNG_WRITE_16BIT_SUPPORTED - else if (row_info->bit_depth == 16) - { - png_bytep rp; - png_uint_32 i; - - if (row_info->color_type == PNG_COLOR_TYPE_RGB) - bytes_per_pixel = 6; - - else if (row_info->color_type == PNG_COLOR_TYPE_RGB_ALPHA) - bytes_per_pixel = 8; - - else - return; - - for (i = 0, rp = row; i < row_width; i++, rp += bytes_per_pixel) - { - png_uint_32 s0 = (*(rp ) << 8) | *(rp + 1); - png_uint_32 s1 = (*(rp + 2) << 8) | *(rp + 3); - png_uint_32 s2 = (*(rp + 4) << 8) | *(rp + 5); - png_uint_32 red = (png_uint_32)((s0 - s1) & 0xffffL); - png_uint_32 blue = (png_uint_32)((s2 - s1) & 0xffffL); - *(rp ) = (png_byte)(red >> 8); - *(rp + 1) = (png_byte)red; - *(rp + 4) = (png_byte)(blue >> 8); - *(rp + 5) = (png_byte)blue; - } - } -#endif /* WRITE_16BIT */ - } -} -#endif /* MNG_FEATURES */ - -/* Called by user to write a row of image data */ -void PNGAPI -png_write_row(png_structrp png_ptr, png_const_bytep row) -{ - /* 1.5.6: moved from png_struct to be a local structure: */ - png_row_info row_info; - - if (png_ptr == NULL) - return; - - png_debug2(1, "in png_write_row (row %u, pass %d)", - png_ptr->row_number, png_ptr->pass); - - /* Initialize transformations and other stuff if first time */ - if (png_ptr->row_number == 0 && png_ptr->pass == 0) - { - /* Make sure we wrote the header info */ - if ((png_ptr->mode & PNG_WROTE_INFO_BEFORE_PLTE) == 0) - png_error(png_ptr, - "png_write_info was never called before png_write_row"); - - /* Check for transforms that have been set but were defined out */ -#if !defined(PNG_WRITE_INVERT_SUPPORTED) && defined(PNG_READ_INVERT_SUPPORTED) - if ((png_ptr->transformations & PNG_INVERT_MONO) != 0) - png_warning(png_ptr, "PNG_WRITE_INVERT_SUPPORTED is not defined"); -#endif - -#if !defined(PNG_WRITE_FILLER_SUPPORTED) && defined(PNG_READ_FILLER_SUPPORTED) - if ((png_ptr->transformations & PNG_FILLER) != 0) - png_warning(png_ptr, "PNG_WRITE_FILLER_SUPPORTED is not defined"); -#endif -#if !defined(PNG_WRITE_PACKSWAP_SUPPORTED) && \ - defined(PNG_READ_PACKSWAP_SUPPORTED) - if ((png_ptr->transformations & PNG_PACKSWAP) != 0) - png_warning(png_ptr, - "PNG_WRITE_PACKSWAP_SUPPORTED is not defined"); -#endif - -#if !defined(PNG_WRITE_PACK_SUPPORTED) && defined(PNG_READ_PACK_SUPPORTED) - if ((png_ptr->transformations & PNG_PACK) != 0) - png_warning(png_ptr, "PNG_WRITE_PACK_SUPPORTED is not defined"); -#endif - -#if !defined(PNG_WRITE_SHIFT_SUPPORTED) && defined(PNG_READ_SHIFT_SUPPORTED) - if ((png_ptr->transformations & PNG_SHIFT) != 0) - png_warning(png_ptr, "PNG_WRITE_SHIFT_SUPPORTED is not defined"); -#endif - -#if !defined(PNG_WRITE_BGR_SUPPORTED) && defined(PNG_READ_BGR_SUPPORTED) - if ((png_ptr->transformations & PNG_BGR) != 0) - png_warning(png_ptr, "PNG_WRITE_BGR_SUPPORTED is not defined"); -#endif - -#if !defined(PNG_WRITE_SWAP_SUPPORTED) && defined(PNG_READ_SWAP_SUPPORTED) - if ((png_ptr->transformations & PNG_SWAP_BYTES) != 0) - png_warning(png_ptr, "PNG_WRITE_SWAP_SUPPORTED is not defined"); -#endif - - png_write_start_row(png_ptr); - } - -#ifdef PNG_WRITE_INTERLACING_SUPPORTED - /* If interlaced and not interested in row, return */ - if (png_ptr->interlaced != 0 && - (png_ptr->transformations & PNG_INTERLACE) != 0) - { - switch (png_ptr->pass) - { - case 0: - if ((png_ptr->row_number & 0x07) != 0) - { - png_write_finish_row(png_ptr); - return; - } - break; - - case 1: - if ((png_ptr->row_number & 0x07) != 0 || png_ptr->width < 5) - { - png_write_finish_row(png_ptr); - return; - } - break; - - case 2: - if ((png_ptr->row_number & 0x07) != 4) - { - png_write_finish_row(png_ptr); - return; - } - break; - - case 3: - if ((png_ptr->row_number & 0x03) != 0 || png_ptr->width < 3) - { - png_write_finish_row(png_ptr); - return; - } - break; - - case 4: - if ((png_ptr->row_number & 0x03) != 2) - { - png_write_finish_row(png_ptr); - return; - } - break; - - case 5: - if ((png_ptr->row_number & 0x01) != 0 || png_ptr->width < 2) - { - png_write_finish_row(png_ptr); - return; - } - break; - - case 6: - if ((png_ptr->row_number & 0x01) == 0) - { - png_write_finish_row(png_ptr); - return; - } - break; - - default: /* error: ignore it */ - break; - } - } -#endif - - /* Set up row info for transformations */ - row_info.color_type = png_ptr->color_type; - row_info.width = png_ptr->usr_width; - row_info.channels = png_ptr->usr_channels; - row_info.bit_depth = png_ptr->usr_bit_depth; - row_info.pixel_depth = (png_byte)(row_info.bit_depth * row_info.channels); - row_info.rowbytes = PNG_ROWBYTES(row_info.pixel_depth, row_info.width); - - png_debug1(3, "row_info->color_type = %d", row_info.color_type); - png_debug1(3, "row_info->width = %u", row_info.width); - png_debug1(3, "row_info->channels = %d", row_info.channels); - png_debug1(3, "row_info->bit_depth = %d", row_info.bit_depth); - png_debug1(3, "row_info->pixel_depth = %d", row_info.pixel_depth); - png_debug1(3, "row_info->rowbytes = %lu", (unsigned long)row_info.rowbytes); - - /* Copy user's row into buffer, leaving room for filter byte. */ - memcpy(png_ptr->row_buf + 1, row, row_info.rowbytes); - -#ifdef PNG_WRITE_INTERLACING_SUPPORTED - /* Handle interlacing */ - if (png_ptr->interlaced && png_ptr->pass < 6 && - (png_ptr->transformations & PNG_INTERLACE) != 0) - { - png_do_write_interlace(&row_info, png_ptr->row_buf + 1, png_ptr->pass); - /* This should always get caught above, but still ... */ - if (row_info.width == 0) - { - png_write_finish_row(png_ptr); - return; - } - } -#endif - -#ifdef PNG_WRITE_TRANSFORMS_SUPPORTED - /* Handle other transformations */ - if (png_ptr->transformations != 0) - png_do_write_transformations(png_ptr, &row_info); -#endif - - /* At this point the row_info pixel depth must match the 'transformed' depth, - * which is also the output depth. - */ - if (row_info.pixel_depth != png_ptr->pixel_depth || - row_info.pixel_depth != png_ptr->transformed_pixel_depth) - png_error(png_ptr, "internal write transform logic error"); - -#ifdef PNG_MNG_FEATURES_SUPPORTED - /* Write filter_method 64 (intrapixel differencing) only if - * 1. Libpng was compiled with PNG_MNG_FEATURES_SUPPORTED and - * 2. Libpng did not write a PNG signature (this filter_method is only - * used in PNG datastreams that are embedded in MNG datastreams) and - * 3. The application called png_permit_mng_features with a mask that - * included PNG_FLAG_MNG_FILTER_64 and - * 4. The filter_method is 64 and - * 5. The color_type is RGB or RGBA - */ - if ((png_ptr->mng_features_permitted & PNG_FLAG_MNG_FILTER_64) != 0 && - (png_ptr->filter_type == PNG_INTRAPIXEL_DIFFERENCING)) - { - /* Intrapixel differencing */ - png_do_write_intrapixel(&row_info, png_ptr->row_buf + 1); - } -#endif - -/* Added at libpng-1.5.10 */ -#ifdef PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED - /* Check for out-of-range palette index */ - if (row_info.color_type == PNG_COLOR_TYPE_PALETTE && - png_ptr->num_palette_max >= 0) - png_do_check_palette_indexes(png_ptr, &row_info); -#endif - - /* Find a filter if necessary, filter the row and write it out. */ - png_write_find_filter(png_ptr, &row_info); - - if (png_ptr->write_row_fn != NULL) - (*(png_ptr->write_row_fn))(png_ptr, png_ptr->row_number, png_ptr->pass); -} - -#ifdef PNG_WRITE_FLUSH_SUPPORTED -/* Set the automatic flush interval or 0 to turn flushing off */ -void PNGAPI -png_set_flush(png_structrp png_ptr, int nrows) -{ - png_debug(1, "in png_set_flush"); - - if (png_ptr == NULL) - return; - - png_ptr->flush_dist = (nrows < 0 ? 0 : nrows); -} - -/* Flush the current output buffers now */ -void PNGAPI -png_write_flush(png_structrp png_ptr) -{ - png_debug(1, "in png_write_flush"); - - if (png_ptr == NULL) - return; - - /* We have already written out all of the data */ - if (png_ptr->row_number >= png_ptr->num_rows) - return; - - png_compress_IDAT(png_ptr, NULL, 0, Z_SYNC_FLUSH); - png_ptr->flush_rows = 0; - png_flush(png_ptr); -} -#endif /* WRITE_FLUSH */ - -/* Free any memory used in png_ptr struct without freeing the struct itself. */ -static void -png_write_destroy(png_structrp png_ptr) -{ - png_debug(1, "in png_write_destroy"); - - /* Free any memory zlib uses */ - if ((png_ptr->flags & PNG_FLAG_ZSTREAM_INITIALIZED) != 0) - deflateEnd(&png_ptr->zstream); - - /* Free our memory. png_free checks NULL for us. */ - png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list); - png_free(png_ptr, png_ptr->row_buf); - png_ptr->row_buf = NULL; -#ifdef PNG_WRITE_FILTER_SUPPORTED - png_free(png_ptr, png_ptr->prev_row); - png_free(png_ptr, png_ptr->try_row); - png_free(png_ptr, png_ptr->tst_row); - png_ptr->prev_row = NULL; - png_ptr->try_row = NULL; - png_ptr->tst_row = NULL; -#endif - -#ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED - png_free(png_ptr, png_ptr->chunk_list); - png_ptr->chunk_list = NULL; -#endif - - /* The error handling and memory handling information is left intact at this - * point: the jmp_buf may still have to be freed. See png_destroy_png_struct - * for how this happens. - */ -} - -/* Free all memory used by the write. - * In libpng 1.6.0 this API changed quietly to no longer accept a NULL value for - * *png_ptr_ptr. Prior to 1.6.0 it would accept such a value and it would free - * the passed in info_structs but it would quietly fail to free any of the data - * inside them. In 1.6.0 it quietly does nothing (it has to be quiet because it - * has no png_ptr.) - */ -void PNGAPI -png_destroy_write_struct(png_structpp png_ptr_ptr, png_infopp info_ptr_ptr) -{ - png_debug(1, "in png_destroy_write_struct"); - - if (png_ptr_ptr != NULL) - { - png_structrp png_ptr = *png_ptr_ptr; - - if (png_ptr != NULL) /* added in libpng 1.6.0 */ - { - png_destroy_info_struct(png_ptr, info_ptr_ptr); - - *png_ptr_ptr = NULL; - png_write_destroy(png_ptr); - png_destroy_png_struct(png_ptr); - } - } -} - -/* Allow the application to select one or more row filters to use. */ -void PNGAPI -png_set_filter(png_structrp png_ptr, int method, int filters) -{ - png_debug(1, "in png_set_filter"); - - if (png_ptr == NULL) - return; - -#ifdef PNG_MNG_FEATURES_SUPPORTED - if ((png_ptr->mng_features_permitted & PNG_FLAG_MNG_FILTER_64) != 0 && - (method == PNG_INTRAPIXEL_DIFFERENCING)) - method = PNG_FILTER_TYPE_BASE; - -#endif - if (method == PNG_FILTER_TYPE_BASE) - { - switch (filters & (PNG_ALL_FILTERS | 0x07)) - { -#ifdef PNG_WRITE_FILTER_SUPPORTED - case 5: - case 6: - case 7: png_app_error(png_ptr, "Unknown row filter for method 0"); - /* FALL THROUGH */ -#endif /* WRITE_FILTER */ - case PNG_FILTER_VALUE_NONE: - png_ptr->do_filter = PNG_FILTER_NONE; break; - -#ifdef PNG_WRITE_FILTER_SUPPORTED - case PNG_FILTER_VALUE_SUB: - png_ptr->do_filter = PNG_FILTER_SUB; break; - - case PNG_FILTER_VALUE_UP: - png_ptr->do_filter = PNG_FILTER_UP; break; - - case PNG_FILTER_VALUE_AVG: - png_ptr->do_filter = PNG_FILTER_AVG; break; - - case PNG_FILTER_VALUE_PAETH: - png_ptr->do_filter = PNG_FILTER_PAETH; break; - - default: - png_ptr->do_filter = (png_byte)filters; break; -#else - default: - png_app_error(png_ptr, "Unknown row filter for method 0"); -#endif /* WRITE_FILTER */ - } - -#ifdef PNG_WRITE_FILTER_SUPPORTED - /* If we have allocated the row_buf, this means we have already started - * with the image and we should have allocated all of the filter buffers - * that have been selected. If prev_row isn't already allocated, then - * it is too late to start using the filters that need it, since we - * will be missing the data in the previous row. If an application - * wants to start and stop using particular filters during compression, - * it should start out with all of the filters, and then remove them - * or add them back after the start of compression. - * - * NOTE: this is a nasty constraint on the code, because it means that the - * prev_row buffer must be maintained even if there are currently no - * 'prev_row' requiring filters active. - */ - if (png_ptr->row_buf != NULL) - { - int num_filters; - png_alloc_size_t buf_size; - - /* Repeat the checks in png_write_start_row; 1 pixel high or wide - * images cannot benefit from certain filters. If this isn't done here - * the check below will fire on 1 pixel high images. - */ - if (png_ptr->height == 1) - filters &= ~(PNG_FILTER_UP|PNG_FILTER_AVG|PNG_FILTER_PAETH); - - if (png_ptr->width == 1) - filters &= ~(PNG_FILTER_SUB|PNG_FILTER_AVG|PNG_FILTER_PAETH); - - if ((filters & (PNG_FILTER_UP|PNG_FILTER_AVG|PNG_FILTER_PAETH)) != 0 - && png_ptr->prev_row == NULL) - { - /* This is the error case, however it is benign - the previous row - * is not available so the filter can't be used. Just warn here. - */ - png_app_warning(png_ptr, - "png_set_filter: UP/AVG/PAETH cannot be added after start"); - filters &= ~(PNG_FILTER_UP|PNG_FILTER_AVG|PNG_FILTER_PAETH); - } - - num_filters = 0; - - if (filters & PNG_FILTER_SUB) - num_filters++; - - if (filters & PNG_FILTER_UP) - num_filters++; - - if (filters & PNG_FILTER_AVG) - num_filters++; - - if (filters & PNG_FILTER_PAETH) - num_filters++; - - /* Allocate needed row buffers if they have not already been - * allocated. - */ - buf_size = PNG_ROWBYTES(png_ptr->usr_channels * png_ptr->usr_bit_depth, - png_ptr->width) + 1; - - if (png_ptr->try_row == NULL) - png_ptr->try_row = png_voidcast(png_bytep, - png_malloc(png_ptr, buf_size)); - - if (num_filters > 1) - { - if (png_ptr->tst_row == NULL) - png_ptr->tst_row = png_voidcast(png_bytep, - png_malloc(png_ptr, buf_size)); - } - } - png_ptr->do_filter = (png_byte)filters; -#endif - } - else - png_error(png_ptr, "Unknown custom filter method"); -} - -#ifdef PNG_WRITE_WEIGHTED_FILTER_SUPPORTED /* DEPRECATED */ -/* Provide floating and fixed point APIs */ -#ifdef PNG_FLOATING_POINT_SUPPORTED -void PNGAPI -png_set_filter_heuristics(png_structrp png_ptr, int heuristic_method, - int num_weights, png_const_doublep filter_weights, - png_const_doublep filter_costs) -{ - PNG_UNUSED(png_ptr) - PNG_UNUSED(heuristic_method) - PNG_UNUSED(num_weights) - PNG_UNUSED(filter_weights) - PNG_UNUSED(filter_costs) -} -#endif /* FLOATING_POINT */ - -#ifdef PNG_FIXED_POINT_SUPPORTED -void PNGAPI -png_set_filter_heuristics_fixed(png_structrp png_ptr, int heuristic_method, - int num_weights, png_const_fixed_point_p filter_weights, - png_const_fixed_point_p filter_costs) -{ - PNG_UNUSED(png_ptr) - PNG_UNUSED(heuristic_method) - PNG_UNUSED(num_weights) - PNG_UNUSED(filter_weights) - PNG_UNUSED(filter_costs) -} -#endif /* FIXED_POINT */ -#endif /* WRITE_WEIGHTED_FILTER */ - -#ifdef PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED -void PNGAPI -png_set_compression_level(png_structrp png_ptr, int level) -{ - png_debug(1, "in png_set_compression_level"); - - if (png_ptr == NULL) - return; - - png_ptr->zlib_level = level; -} - -void PNGAPI -png_set_compression_mem_level(png_structrp png_ptr, int mem_level) -{ - png_debug(1, "in png_set_compression_mem_level"); - - if (png_ptr == NULL) - return; - - png_ptr->zlib_mem_level = mem_level; -} - -void PNGAPI -png_set_compression_strategy(png_structrp png_ptr, int strategy) -{ - png_debug(1, "in png_set_compression_strategy"); - - if (png_ptr == NULL) - return; - - /* The flag setting here prevents the libpng dynamic selection of strategy. - */ - png_ptr->flags |= PNG_FLAG_ZLIB_CUSTOM_STRATEGY; - png_ptr->zlib_strategy = strategy; -} - -/* If PNG_WRITE_OPTIMIZE_CMF_SUPPORTED is defined, libpng will use a - * smaller value of window_bits if it can do so safely. - */ -void PNGAPI -png_set_compression_window_bits(png_structrp png_ptr, int window_bits) -{ - if (png_ptr == NULL) - return; - - /* Prior to 1.6.0 this would warn but then set the window_bits value. This - * meant that negative window bits values could be selected that would cause - * libpng to write a non-standard PNG file with raw deflate or gzip - * compressed IDAT or ancillary chunks. Such files can be read and there is - * no warning on read, so this seems like a very bad idea. - */ - if (window_bits > 15) - { - png_warning(png_ptr, "Only compression windows <= 32k supported by PNG"); - window_bits = 15; - } - - else if (window_bits < 8) - { - png_warning(png_ptr, "Only compression windows >= 256 supported by PNG"); - window_bits = 8; - } - - png_ptr->zlib_window_bits = window_bits; -} - -void PNGAPI -png_set_compression_method(png_structrp png_ptr, int method) -{ - png_debug(1, "in png_set_compression_method"); - - if (png_ptr == NULL) - return; - - /* This would produce an invalid PNG file if it worked, but it doesn't and - * deflate will fault it, so it is harmless to just warn here. - */ - if (method != 8) - png_warning(png_ptr, "Only compression method 8 is supported by PNG"); - - png_ptr->zlib_method = method; -} -#endif /* WRITE_CUSTOMIZE_COMPRESSION */ - -/* The following were added to libpng-1.5.4 */ -#ifdef PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION_SUPPORTED -void PNGAPI -png_set_text_compression_level(png_structrp png_ptr, int level) -{ - png_debug(1, "in png_set_text_compression_level"); - - if (png_ptr == NULL) - return; - - png_ptr->zlib_text_level = level; -} - -void PNGAPI -png_set_text_compression_mem_level(png_structrp png_ptr, int mem_level) -{ - png_debug(1, "in png_set_text_compression_mem_level"); - - if (png_ptr == NULL) - return; - - png_ptr->zlib_text_mem_level = mem_level; -} - -void PNGAPI -png_set_text_compression_strategy(png_structrp png_ptr, int strategy) -{ - png_debug(1, "in png_set_text_compression_strategy"); - - if (png_ptr == NULL) - return; - - png_ptr->zlib_text_strategy = strategy; -} - -/* If PNG_WRITE_OPTIMIZE_CMF_SUPPORTED is defined, libpng will use a - * smaller value of window_bits if it can do so safely. - */ -void PNGAPI -png_set_text_compression_window_bits(png_structrp png_ptr, int window_bits) -{ - if (png_ptr == NULL) - return; - - if (window_bits > 15) - { - png_warning(png_ptr, "Only compression windows <= 32k supported by PNG"); - window_bits = 15; - } - - else if (window_bits < 8) - { - png_warning(png_ptr, "Only compression windows >= 256 supported by PNG"); - window_bits = 8; - } - - png_ptr->zlib_text_window_bits = window_bits; -} - -void PNGAPI -png_set_text_compression_method(png_structrp png_ptr, int method) -{ - png_debug(1, "in png_set_text_compression_method"); - - if (png_ptr == NULL) - return; - - if (method != 8) - png_warning(png_ptr, "Only compression method 8 is supported by PNG"); - - png_ptr->zlib_text_method = method; -} -#endif /* WRITE_CUSTOMIZE_ZTXT_COMPRESSION */ -/* end of API added to libpng-1.5.4 */ - -void PNGAPI -png_set_write_status_fn(png_structrp png_ptr, png_write_status_ptr write_row_fn) -{ - if (png_ptr == NULL) - return; - - png_ptr->write_row_fn = write_row_fn; -} - -#ifdef PNG_WRITE_USER_TRANSFORM_SUPPORTED -void PNGAPI -png_set_write_user_transform_fn(png_structrp png_ptr, png_user_transform_ptr - write_user_transform_fn) -{ - png_debug(1, "in png_set_write_user_transform_fn"); - - if (png_ptr == NULL) - return; - - png_ptr->transformations |= PNG_USER_TRANSFORM; - png_ptr->write_user_transform_fn = write_user_transform_fn; -} -#endif - - -#ifdef PNG_INFO_IMAGE_SUPPORTED -void PNGAPI -png_write_png(png_structrp png_ptr, png_inforp info_ptr, - int transforms, voidp params) -{ - if (png_ptr == NULL || info_ptr == NULL) - return; - - if ((info_ptr->valid & PNG_INFO_IDAT) == 0) - { - png_app_error(png_ptr, "no rows for png_write_image to write"); - return; - } - - /* Write the file header information. */ - png_write_info(png_ptr, info_ptr); - - /* ------ these transformations don't touch the info structure ------- */ - - /* Invert monochrome pixels */ - if ((transforms & PNG_TRANSFORM_INVERT_MONO) != 0) -#ifdef PNG_WRITE_INVERT_SUPPORTED - png_set_invert_mono(png_ptr); -#else - png_app_error(png_ptr, "PNG_TRANSFORM_INVERT_MONO not supported"); -#endif - - /* Shift the pixels up to a legal bit depth and fill in - * as appropriate to correctly scale the image. - */ - if ((transforms & PNG_TRANSFORM_SHIFT) != 0) -#ifdef PNG_WRITE_SHIFT_SUPPORTED - if ((info_ptr->valid & PNG_INFO_sBIT) != 0) - png_set_shift(png_ptr, &info_ptr->sig_bit); -#else - png_app_error(png_ptr, "PNG_TRANSFORM_SHIFT not supported"); -#endif - - /* Pack pixels into bytes */ - if ((transforms & PNG_TRANSFORM_PACKING) != 0) -#ifdef PNG_WRITE_PACK_SUPPORTED - png_set_packing(png_ptr); -#else - png_app_error(png_ptr, "PNG_TRANSFORM_PACKING not supported"); -#endif - - /* Swap location of alpha bytes from ARGB to RGBA */ - if ((transforms & PNG_TRANSFORM_SWAP_ALPHA) != 0) -#ifdef PNG_WRITE_SWAP_ALPHA_SUPPORTED - png_set_swap_alpha(png_ptr); -#else - png_app_error(png_ptr, "PNG_TRANSFORM_SWAP_ALPHA not supported"); -#endif - - /* Remove a filler (X) from XRGB/RGBX/AG/GA into to convert it into - * RGB, note that the code expects the input color type to be G or RGB; no - * alpha channel. - */ - if ((transforms & (PNG_TRANSFORM_STRIP_FILLER_AFTER| - PNG_TRANSFORM_STRIP_FILLER_BEFORE)) != 0) - { -#ifdef PNG_WRITE_FILLER_SUPPORTED - if ((transforms & PNG_TRANSFORM_STRIP_FILLER_AFTER) != 0) - { - if ((transforms & PNG_TRANSFORM_STRIP_FILLER_BEFORE) != 0) - png_app_error(png_ptr, - "PNG_TRANSFORM_STRIP_FILLER: BEFORE+AFTER not supported"); - - /* Continue if ignored - this is the pre-1.6.10 behavior */ - png_set_filler(png_ptr, 0, PNG_FILLER_AFTER); - } - - else if ((transforms & PNG_TRANSFORM_STRIP_FILLER_BEFORE) != 0) - png_set_filler(png_ptr, 0, PNG_FILLER_BEFORE); -#else - png_app_error(png_ptr, "PNG_TRANSFORM_STRIP_FILLER not supported"); -#endif - } - - /* Flip BGR pixels to RGB */ - if ((transforms & PNG_TRANSFORM_BGR) != 0) -#ifdef PNG_WRITE_BGR_SUPPORTED - png_set_bgr(png_ptr); -#else - png_app_error(png_ptr, "PNG_TRANSFORM_BGR not supported"); -#endif - - /* Swap bytes of 16-bit files to most significant byte first */ - if ((transforms & PNG_TRANSFORM_SWAP_ENDIAN) != 0) -#ifdef PNG_WRITE_SWAP_SUPPORTED - png_set_swap(png_ptr); -#else - png_app_error(png_ptr, "PNG_TRANSFORM_SWAP_ENDIAN not supported"); -#endif - - /* Swap bits of 1-bit, 2-bit, 4-bit packed pixel formats */ - if ((transforms & PNG_TRANSFORM_PACKSWAP) != 0) -#ifdef PNG_WRITE_PACKSWAP_SUPPORTED - png_set_packswap(png_ptr); -#else - png_app_error(png_ptr, "PNG_TRANSFORM_PACKSWAP not supported"); -#endif - - /* Invert the alpha channel from opacity to transparency */ - if ((transforms & PNG_TRANSFORM_INVERT_ALPHA) != 0) -#ifdef PNG_WRITE_INVERT_ALPHA_SUPPORTED - png_set_invert_alpha(png_ptr); -#else - png_app_error(png_ptr, "PNG_TRANSFORM_INVERT_ALPHA not supported"); -#endif - - /* ----------------------- end of transformations ------------------- */ - - /* Write the bits */ - png_write_image(png_ptr, info_ptr->row_pointers); - - /* It is REQUIRED to call this to finish writing the rest of the file */ - png_write_end(png_ptr, info_ptr); - - PNG_UNUSED(params) -} -#endif - - -#ifdef PNG_SIMPLIFIED_WRITE_SUPPORTED -# ifdef PNG_STDIO_SUPPORTED /* currently required for png_image_write_* */ -/* Initialize the write structure - general purpose utility. */ -static int -png_image_write_init(png_imagep image) -{ - png_structp png_ptr = png_create_write_struct(PNG_LIBPNG_VER_STRING, image, - png_safe_error, png_safe_warning); - - if (png_ptr != NULL) - { - png_infop info_ptr = png_create_info_struct(png_ptr); - - if (info_ptr != NULL) - { - png_controlp control = png_voidcast(png_controlp, - png_malloc_warn(png_ptr, (sizeof *control))); - - if (control != NULL) - { - memset(control, 0, (sizeof *control)); - - control->png_ptr = png_ptr; - control->info_ptr = info_ptr; - control->for_write = 1; - - image->opaque = control; - return 1; - } - - /* Error clean up */ - png_destroy_info_struct(png_ptr, &info_ptr); - } - - png_destroy_write_struct(&png_ptr, NULL); - } - - return png_image_error(image, "png_image_write_: out of memory"); -} - -/* Arguments to png_image_write_main: */ -typedef struct -{ - /* Arguments: */ - png_imagep image; - png_const_voidp buffer; - png_int_32 row_stride; - png_const_voidp colormap; - int convert_to_8bit; - /* Local variables: */ - png_const_voidp first_row; - ptrdiff_t row_bytes; - png_voidp local_row; -} png_image_write_control; - -/* Write png_uint_16 input to a 16-bit PNG; the png_ptr has already been set to - * do any necessary byte swapping. The component order is defined by the - * png_image format value. - */ -static int -png_write_image_16bit(png_voidp argument) -{ - png_image_write_control *display = png_voidcast(png_image_write_control*, - argument); - png_imagep image = display->image; - png_structrp png_ptr = image->opaque->png_ptr; - - png_const_uint_16p input_row = png_voidcast(png_const_uint_16p, - display->first_row); - png_uint_16p output_row = png_voidcast(png_uint_16p, display->local_row); - png_uint_16p row_end; - const int channels = (image->format & PNG_FORMAT_FLAG_COLOR) != 0 ? 3 : 1; - int aindex = 0; - png_uint_32 y = image->height; - - if ((image->format & PNG_FORMAT_FLAG_ALPHA) != 0) - { -# ifdef PNG_SIMPLIFIED_WRITE_AFIRST_SUPPORTED - if ((image->format & PNG_FORMAT_FLAG_AFIRST) != 0) - { - aindex = -1; - ++input_row; /* To point to the first component */ - ++output_row; - } - else - aindex = channels; -# else - aindex = channels; -# endif - } - - else - png_error(png_ptr, "png_write_image: internal call error"); - - /* Work out the output row end and count over this, note that the increment - * above to 'row' means that row_end can actually be beyond the end of the - * row; this is correct. - */ - row_end = output_row + image->width * (channels+1); - - while (y-- > 0) - { - png_const_uint_16p in_ptr = input_row; - png_uint_16p out_ptr = output_row; - - while (out_ptr < row_end) - { - const png_uint_16 alpha = in_ptr[aindex]; - png_uint_32 reciprocal = 0; - int c; - - out_ptr[aindex] = alpha; - - /* Calculate a reciprocal. The correct calculation is simply - * component/alpha*65535 << 15. (I.e. 15 bits of precision); this - * allows correct rounding by adding .5 before the shift. 'reciprocal' - * is only initialized when required. - */ - if (alpha > 0 && alpha < 65535) - reciprocal = ((0xffff<<15)+(alpha>>1))/alpha; - - c = channels; - do /* always at least one channel */ - { - png_uint_16 component = *in_ptr++; - - /* The following gives 65535 for an alpha of 0, which is fine, - * otherwise if 0/0 is represented as some other value there is more - * likely to be a discontinuity which will probably damage - * compression when moving from a fully transparent area to a - * nearly transparent one. (The assumption here is that opaque - * areas tend not to be 0 intensity.) - */ - if (component >= alpha) - component = 65535; - - /* component<alpha, so component/alpha is less than one and - * component*reciprocal is less than 2^31. - */ - else if (component > 0 && alpha < 65535) - { - png_uint_32 calc = component * reciprocal; - calc += 16384; /* round to nearest */ - component = (png_uint_16)(calc >> 15); - } - - *out_ptr++ = component; - } - while (--c > 0); - - /* Skip to next component (skip the intervening alpha channel) */ - ++in_ptr; - ++out_ptr; - } - - png_write_row(png_ptr, png_voidcast(png_const_bytep, display->local_row)); - input_row += display->row_bytes/(sizeof (png_uint_16)); - } - - return 1; -} - -/* Given 16-bit input (1 to 4 channels) write 8-bit output. If an alpha channel - * is present it must be removed from the components, the components are then - * written in sRGB encoding. No components are added or removed. - * - * Calculate an alpha reciprocal to reverse pre-multiplication. As above the - * calculation can be done to 15 bits of accuracy; however, the output needs to - * be scaled in the range 0..255*65535, so include that scaling here. - */ -# define UNP_RECIPROCAL(alpha) ((((0xffff*0xff)<<7)+(alpha>>1))/alpha) - -static png_byte -png_unpremultiply(png_uint_32 component, png_uint_32 alpha, - png_uint_32 reciprocal/*from the above macro*/) -{ - /* The following gives 1.0 for an alpha of 0, which is fine, otherwise if 0/0 - * is represented as some other value there is more likely to be a - * discontinuity which will probably damage compression when moving from a - * fully transparent area to a nearly transparent one. (The assumption here - * is that opaque areas tend not to be 0 intensity.) - * - * There is a rounding problem here; if alpha is less than 128 it will end up - * as 0 when scaled to 8 bits. To avoid introducing spurious colors into the - * output change for this too. - */ - if (component >= alpha || alpha < 128) - return 255; - - /* component<alpha, so component/alpha is less than one and - * component*reciprocal is less than 2^31. - */ - else if (component > 0) - { - /* The test is that alpha/257 (rounded) is less than 255, the first value - * that becomes 255 is 65407. - * NOTE: this must agree with the PNG_DIV257 macro (which must, therefore, - * be exact!) [Could also test reciprocal != 0] - */ - if (alpha < 65407) - { - component *= reciprocal; - component += 64; /* round to nearest */ - component >>= 7; - } - - else - component *= 255; - - /* Convert the component to sRGB. */ - return (png_byte)PNG_sRGB_FROM_LINEAR(component); - } - - else - return 0; -} - -static int -png_write_image_8bit(png_voidp argument) -{ - png_image_write_control *display = png_voidcast(png_image_write_control*, - argument); - png_imagep image = display->image; - png_structrp png_ptr = image->opaque->png_ptr; - - png_const_uint_16p input_row = png_voidcast(png_const_uint_16p, - display->first_row); - png_bytep output_row = png_voidcast(png_bytep, display->local_row); - png_uint_32 y = image->height; - const int channels = (image->format & PNG_FORMAT_FLAG_COLOR) != 0 ? 3 : 1; - - if ((image->format & PNG_FORMAT_FLAG_ALPHA) != 0) - { - png_bytep row_end; - int aindex; - -# ifdef PNG_SIMPLIFIED_WRITE_AFIRST_SUPPORTED - if ((image->format & PNG_FORMAT_FLAG_AFIRST) != 0) - { - aindex = -1; - ++input_row; /* To point to the first component */ - ++output_row; - } - - else -# endif - aindex = channels; - - /* Use row_end in place of a loop counter: */ - row_end = output_row + image->width * (channels+1); - - while (y-- > 0) - { - png_const_uint_16p in_ptr = input_row; - png_bytep out_ptr = output_row; - - while (out_ptr < row_end) - { - png_uint_16 alpha = in_ptr[aindex]; - png_byte alphabyte = (png_byte)PNG_DIV257(alpha); - png_uint_32 reciprocal = 0; - int c; - - /* Scale and write the alpha channel. */ - out_ptr[aindex] = alphabyte; - - if (alphabyte > 0 && alphabyte < 255) - reciprocal = UNP_RECIPROCAL(alpha); - - c = channels; - do /* always at least one channel */ - *out_ptr++ = png_unpremultiply(*in_ptr++, alpha, reciprocal); - while (--c > 0); - - /* Skip to next component (skip the intervening alpha channel) */ - ++in_ptr; - ++out_ptr; - } /* while out_ptr < row_end */ - - png_write_row(png_ptr, png_voidcast(png_const_bytep, - display->local_row)); - input_row += display->row_bytes/(sizeof (png_uint_16)); - } /* while y */ - } - - else - { - /* No alpha channel, so the row_end really is the end of the row and it - * is sufficient to loop over the components one by one. - */ - png_bytep row_end = output_row + image->width * channels; - - while (y-- > 0) - { - png_const_uint_16p in_ptr = input_row; - png_bytep out_ptr = output_row; - - while (out_ptr < row_end) - { - png_uint_32 component = *in_ptr++; - - component *= 255; - *out_ptr++ = (png_byte)PNG_sRGB_FROM_LINEAR(component); - } - - png_write_row(png_ptr, output_row); - input_row += display->row_bytes/(sizeof (png_uint_16)); - } - } - - return 1; -} - -static void -png_image_set_PLTE(png_image_write_control *display) -{ - const png_imagep image = display->image; - const void *cmap = display->colormap; - const int entries = image->colormap_entries > 256 ? 256 : - (int)image->colormap_entries; - - /* NOTE: the caller must check for cmap != NULL and entries != 0 */ - const png_uint_32 format = image->format; - const int channels = PNG_IMAGE_SAMPLE_CHANNELS(format); - -# if defined(PNG_FORMAT_BGR_SUPPORTED) &&\ - defined(PNG_SIMPLIFIED_WRITE_AFIRST_SUPPORTED) - const int afirst = (format & PNG_FORMAT_FLAG_AFIRST) != 0 && - (format & PNG_FORMAT_FLAG_ALPHA) != 0; -# else -# define afirst 0 -# endif - -# ifdef PNG_FORMAT_BGR_SUPPORTED - const int bgr = (format & PNG_FORMAT_FLAG_BGR) != 0 ? 2 : 0; -# else -# define bgr 0 -# endif - - int i, num_trans; - png_color palette[256]; - png_byte tRNS[256]; - - memset(tRNS, 255, (sizeof tRNS)); - memset(palette, 0, (sizeof palette)); - - for (i=num_trans=0; i<entries; ++i) - { - /* This gets automatically converted to sRGB with reversal of the - * pre-multiplication if the color-map has an alpha channel. - */ - if ((format & PNG_FORMAT_FLAG_LINEAR) != 0) - { - png_const_uint_16p entry = png_voidcast(png_const_uint_16p, cmap); - - entry += i * channels; - - if ((channels & 1) != 0) /* no alpha */ - { - if (channels >= 3) /* RGB */ - { - palette[i].blue = (png_byte)PNG_sRGB_FROM_LINEAR(255 * - entry[(2 ^ bgr)]); - palette[i].green = (png_byte)PNG_sRGB_FROM_LINEAR(255 * - entry[1]); - palette[i].red = (png_byte)PNG_sRGB_FROM_LINEAR(255 * - entry[bgr]); - } - - else /* Gray */ - palette[i].blue = palette[i].red = palette[i].green = - (png_byte)PNG_sRGB_FROM_LINEAR(255 * *entry); - } - - else /* alpha */ - { - png_uint_16 alpha = entry[afirst ? 0 : channels-1]; - png_byte alphabyte = (png_byte)PNG_DIV257(alpha); - png_uint_32 reciprocal = 0; - - /* Calculate a reciprocal, as in the png_write_image_8bit code above - * this is designed to produce a value scaled to 255*65535 when - * divided by 128 (i.e. asr 7). - */ - if (alphabyte > 0 && alphabyte < 255) - reciprocal = (((0xffff*0xff)<<7)+(alpha>>1))/alpha; - - tRNS[i] = alphabyte; - if (alphabyte < 255) - num_trans = i+1; - - if (channels >= 3) /* RGB */ - { - palette[i].blue = png_unpremultiply(entry[afirst + (2 ^ bgr)], - alpha, reciprocal); - palette[i].green = png_unpremultiply(entry[afirst + 1], alpha, - reciprocal); - palette[i].red = png_unpremultiply(entry[afirst + bgr], alpha, - reciprocal); - } - - else /* gray */ - palette[i].blue = palette[i].red = palette[i].green = - png_unpremultiply(entry[afirst], alpha, reciprocal); - } - } - - else /* Color-map has sRGB values */ - { - png_const_bytep entry = png_voidcast(png_const_bytep, cmap); - - entry += i * channels; - - switch (channels) - { - case 4: - tRNS[i] = entry[afirst ? 0 : 3]; - if (tRNS[i] < 255) - num_trans = i+1; - /* FALL THROUGH */ - case 3: - palette[i].blue = entry[afirst + (2 ^ bgr)]; - palette[i].green = entry[afirst + 1]; - palette[i].red = entry[afirst + bgr]; - break; - - case 2: - tRNS[i] = entry[1 ^ afirst]; - if (tRNS[i] < 255) - num_trans = i+1; - /* FALL THROUGH */ - case 1: - palette[i].blue = palette[i].red = palette[i].green = - entry[afirst]; - break; - - default: - break; - } - } - } - -# ifdef afirst -# undef afirst -# endif -# ifdef bgr -# undef bgr -# endif - - png_set_PLTE(image->opaque->png_ptr, image->opaque->info_ptr, palette, - entries); - - if (num_trans > 0) - png_set_tRNS(image->opaque->png_ptr, image->opaque->info_ptr, tRNS, - num_trans, NULL); - - image->colormap_entries = entries; -} - -static int -png_image_write_main(png_voidp argument) -{ - png_image_write_control *display = png_voidcast(png_image_write_control*, - argument); - png_imagep image = display->image; - png_structrp png_ptr = image->opaque->png_ptr; - png_inforp info_ptr = image->opaque->info_ptr; - png_uint_32 format = image->format; - - /* The following four ints are actually booleans */ - int colormap = (format & PNG_FORMAT_FLAG_COLORMAP); - int linear = !colormap && (format & PNG_FORMAT_FLAG_LINEAR); /* input */ - int alpha = !colormap && (format & PNG_FORMAT_FLAG_ALPHA); - int write_16bit = linear && !colormap && (display->convert_to_8bit == 0); - -# ifdef PNG_BENIGN_ERRORS_SUPPORTED - /* Make sure we error out on any bad situation */ - png_set_benign_errors(png_ptr, 0/*error*/); -# endif - - /* Default the 'row_stride' parameter if required. */ - if (display->row_stride == 0) - display->row_stride = PNG_IMAGE_ROW_STRIDE(*image); - - /* Set the required transforms then write the rows in the correct order. */ - if ((format & PNG_FORMAT_FLAG_COLORMAP) != 0) - { - if (display->colormap != NULL && image->colormap_entries > 0) - { - png_uint_32 entries = image->colormap_entries; - - png_set_IHDR(png_ptr, info_ptr, image->width, image->height, - entries > 16 ? 8 : (entries > 4 ? 4 : (entries > 2 ? 2 : 1)), - PNG_COLOR_TYPE_PALETTE, PNG_INTERLACE_NONE, - PNG_COMPRESSION_TYPE_BASE, PNG_FILTER_TYPE_BASE); - - png_image_set_PLTE(display); - } - - else - png_error(image->opaque->png_ptr, - "no color-map for color-mapped image"); - } - - else - png_set_IHDR(png_ptr, info_ptr, image->width, image->height, - write_16bit ? 16 : 8, - ((format & PNG_FORMAT_FLAG_COLOR) ? PNG_COLOR_MASK_COLOR : 0) + - ((format & PNG_FORMAT_FLAG_ALPHA) ? PNG_COLOR_MASK_ALPHA : 0), - PNG_INTERLACE_NONE, PNG_COMPRESSION_TYPE_BASE, PNG_FILTER_TYPE_BASE); - - /* Counter-intuitively the data transformations must be called *after* - * png_write_info, not before as in the read code, but the 'set' functions - * must still be called before. Just set the color space information, never - * write an interlaced image. - */ - - if (write_16bit != 0) - { - /* The gamma here is 1.0 (linear) and the cHRM chunk matches sRGB. */ - png_set_gAMA_fixed(png_ptr, info_ptr, PNG_GAMMA_LINEAR); - - if ((image->flags & PNG_IMAGE_FLAG_COLORSPACE_NOT_sRGB) == 0) - png_set_cHRM_fixed(png_ptr, info_ptr, - /* color x y */ - /* white */ 31270, 32900, - /* red */ 64000, 33000, - /* green */ 30000, 60000, - /* blue */ 15000, 6000 - ); - } - - else if ((image->flags & PNG_IMAGE_FLAG_COLORSPACE_NOT_sRGB) == 0) - png_set_sRGB(png_ptr, info_ptr, PNG_sRGB_INTENT_PERCEPTUAL); - - /* Else writing an 8-bit file and the *colors* aren't sRGB, but the 8-bit - * space must still be gamma encoded. - */ - else - png_set_gAMA_fixed(png_ptr, info_ptr, PNG_GAMMA_sRGB_INVERSE); - - /* Write the file header. */ - png_write_info(png_ptr, info_ptr); - - /* Now set up the data transformations (*after* the header is written), - * remove the handled transformations from the 'format' flags for checking. - * - * First check for a little endian system if writing 16-bit files. - */ - if (write_16bit != 0) - { - PNG_CONST png_uint_16 le = 0x0001; - - if ((*(png_const_bytep) & le) != 0) - png_set_swap(png_ptr); - } - -# ifdef PNG_SIMPLIFIED_WRITE_BGR_SUPPORTED - if ((format & PNG_FORMAT_FLAG_BGR) != 0) - { - if (colormap == 0 && (format & PNG_FORMAT_FLAG_COLOR) != 0) - png_set_bgr(png_ptr); - format &= ~PNG_FORMAT_FLAG_BGR; - } -# endif - -# ifdef PNG_SIMPLIFIED_WRITE_AFIRST_SUPPORTED - if ((format & PNG_FORMAT_FLAG_AFIRST) != 0) - { - if (colormap == 0 && (format & PNG_FORMAT_FLAG_ALPHA) != 0) - png_set_swap_alpha(png_ptr); - format &= ~PNG_FORMAT_FLAG_AFIRST; - } -# endif - - /* If there are 16 or fewer color-map entries we wrote a lower bit depth - * above, but the application data is still byte packed. - */ - if (colormap != 0 && image->colormap_entries <= 16) - png_set_packing(png_ptr); - - /* That should have handled all (both) the transforms. */ - if ((format & ~(png_uint_32)(PNG_FORMAT_FLAG_COLOR | PNG_FORMAT_FLAG_LINEAR | - PNG_FORMAT_FLAG_ALPHA | PNG_FORMAT_FLAG_COLORMAP)) != 0) - png_error(png_ptr, "png_write_image: unsupported transformation"); - - { - png_const_bytep row = png_voidcast(png_const_bytep, display->buffer); - ptrdiff_t row_bytes = display->row_stride; - - if (linear != 0) - row_bytes *= (sizeof (png_uint_16)); - - if (row_bytes < 0) - row += (image->height-1) * (-row_bytes); - - display->first_row = row; - display->row_bytes = row_bytes; - } - - /* Apply 'fast' options if the flag is set. */ - if ((image->flags & PNG_IMAGE_FLAG_FAST) != 0) - { - png_set_filter(png_ptr, PNG_FILTER_TYPE_BASE, PNG_NO_FILTERS); - /* NOTE: determined by experiment using pngstest, this reflects some - * balance between the time to write the image once and the time to read - * it about 50 times. The speed-up in pngstest was about 10-20% of the - * total (user) time on a heavily loaded system. - */ -# ifdef PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED - png_set_compression_level(png_ptr, 3); -# endif - } - - /* Check for the cases that currently require a pre-transform on the row - * before it is written. This only applies when the input is 16-bit and - * either there is an alpha channel or it is converted to 8-bit. - */ - if ((linear != 0 && alpha != 0 ) || - (colormap == 0 && display->convert_to_8bit != 0)) - { - png_bytep row = png_voidcast(png_bytep, png_malloc(png_ptr, - png_get_rowbytes(png_ptr, info_ptr))); - int result; - - display->local_row = row; - if (write_16bit != 0) - result = png_safe_execute(image, png_write_image_16bit, display); - else - result = png_safe_execute(image, png_write_image_8bit, display); - display->local_row = NULL; - - png_free(png_ptr, row); - - /* Skip the 'write_end' on error: */ - if (result == 0) - return 0; - } - - /* Otherwise this is the case where the input is in a format currently - * supported by the rest of the libpng write code; call it directly. - */ - else - { - png_const_bytep row = png_voidcast(png_const_bytep, display->first_row); - ptrdiff_t row_bytes = display->row_bytes; - png_uint_32 y = image->height; - - while (y-- > 0) - { - png_write_row(png_ptr, row); - row += row_bytes; - } - } - - png_write_end(png_ptr, info_ptr); - return 1; -} - -int PNGAPI -png_image_write_to_stdio(png_imagep image, FILE *file, int convert_to_8bit, - const void *buffer, png_int_32 row_stride, const void *colormap) -{ - /* Write the image to the given (FILE*). */ - if (image != NULL && image->version == PNG_IMAGE_VERSION) - { - if (file != NULL) - { - if (png_image_write_init(image) != 0) - { - png_image_write_control display; - int result; - - /* This is slightly evil, but png_init_io doesn't do anything other - * than this and we haven't changed the standard IO functions so - * this saves a 'safe' function. - */ - image->opaque->png_ptr->io_ptr = file; - - memset(&display, 0, (sizeof display)); - display.image = image; - display.buffer = buffer; - display.row_stride = row_stride; - display.colormap = colormap; - display.convert_to_8bit = convert_to_8bit; - - result = png_safe_execute(image, png_image_write_main, &display); - png_image_free(image); - return result; - } - - else - return 0; - } - - else - return png_image_error(image, - "png_image_write_to_stdio: invalid argument"); - } - - else if (image != NULL) - return png_image_error(image, - "png_image_write_to_stdio: incorrect PNG_IMAGE_VERSION"); - - else - return 0; -} - -int PNGAPI -png_image_write_to_file(png_imagep image, const char *file_name, - int convert_to_8bit, const void *buffer, png_int_32 row_stride, - const void *colormap) -{ - /* Write the image to the named file. */ - if (image != NULL && image->version == PNG_IMAGE_VERSION) - { - if (file_name != NULL) - { - FILE *fp = fopen(file_name, "wb"); - - if (fp != NULL) - { - if (png_image_write_to_stdio(image, fp, convert_to_8bit, buffer, - row_stride, colormap) != 0) - { - int error; /* from fflush/fclose */ - - /* Make sure the file is flushed correctly. */ - if (fflush(fp) == 0 && ferror(fp) == 0) - { - if (fclose(fp) == 0) - return 1; - - error = errno; /* from fclose */ - } - - else - { - error = errno; /* from fflush or ferror */ - (void)fclose(fp); - } - - (void)remove(file_name); - /* The image has already been cleaned up; this is just used to - * set the error (because the original write succeeded). - */ - return png_image_error(image, strerror(error)); - } - - else - { - /* Clean up: just the opened file. */ - (void)fclose(fp); - (void)remove(file_name); - return 0; - } - } - - else - return png_image_error(image, strerror(errno)); - } - - else - return png_image_error(image, - "png_image_write_to_file: invalid argument"); - } - - else if (image != NULL) - return png_image_error(image, - "png_image_write_to_file: incorrect PNG_IMAGE_VERSION"); - - else - return 0; -} -# endif /* STDIO */ -#endif /* SIMPLIFIED_WRITE */ -#endif /* WRITE */
--- a/src/share/native/sun/awt/libpng/pngwtran.c Tue Jul 11 03:45:17 2017 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,604 +0,0 @@ -/* - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* pngwtran.c - transforms the data in a row for PNG writers - * - * This file is available under and governed by the GNU General Public - * License version 2 only, as published by the Free Software Foundation. - * However, the following notice accompanied the original version of this - * file and, per its terms, should not be removed: - * - * Last changed in libpng 1.6.18 [July 23, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) - * - * This code is released under the libpng license. - * For conditions of distribution and use, see the disclaimer - * and license in png.h - */ - -#include "pngpriv.h" - -#ifdef PNG_WRITE_SUPPORTED -#ifdef PNG_WRITE_TRANSFORMS_SUPPORTED - -#ifdef PNG_WRITE_PACK_SUPPORTED -/* Pack pixels into bytes. Pass the true bit depth in bit_depth. The - * row_info bit depth should be 8 (one pixel per byte). The channels - * should be 1 (this only happens on grayscale and paletted images). - */ -static void -png_do_pack(png_row_infop row_info, png_bytep row, png_uint_32 bit_depth) -{ - png_debug(1, "in png_do_pack"); - - if (row_info->bit_depth == 8 && - row_info->channels == 1) - { - switch ((int)bit_depth) - { - case 1: - { - png_bytep sp, dp; - int mask, v; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - sp = row; - dp = row; - mask = 0x80; - v = 0; - - for (i = 0; i < row_width; i++) - { - if (*sp != 0) - v |= mask; - - sp++; - - if (mask > 1) - mask >>= 1; - - else - { - mask = 0x80; - *dp = (png_byte)v; - dp++; - v = 0; - } - } - - if (mask != 0x80) - *dp = (png_byte)v; - - break; - } - - case 2: - { - png_bytep sp, dp; - unsigned int shift; - int v; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - sp = row; - dp = row; - shift = 6; - v = 0; - - for (i = 0; i < row_width; i++) - { - png_byte value; - - value = (png_byte)(*sp & 0x03); - v |= (value << shift); - - if (shift == 0) - { - shift = 6; - *dp = (png_byte)v; - dp++; - v = 0; - } - - else - shift -= 2; - - sp++; - } - - if (shift != 6) - *dp = (png_byte)v; - - break; - } - - case 4: - { - png_bytep sp, dp; - unsigned int shift; - int v; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - sp = row; - dp = row; - shift = 4; - v = 0; - - for (i = 0; i < row_width; i++) - { - png_byte value; - - value = (png_byte)(*sp & 0x0f); - v |= (value << shift); - - if (shift == 0) - { - shift = 4; - *dp = (png_byte)v; - dp++; - v = 0; - } - - else - shift -= 4; - - sp++; - } - - if (shift != 4) - *dp = (png_byte)v; - - break; - } - - default: - break; - } - - row_info->bit_depth = (png_byte)bit_depth; - row_info->pixel_depth = (png_byte)(bit_depth * row_info->channels); - row_info->rowbytes = PNG_ROWBYTES(row_info->pixel_depth, - row_info->width); - } -} -#endif - -#ifdef PNG_WRITE_SHIFT_SUPPORTED -/* Shift pixel values to take advantage of whole range. Pass the - * true number of bits in bit_depth. The row should be packed - * according to row_info->bit_depth. Thus, if you had a row of - * bit depth 4, but the pixels only had values from 0 to 7, you - * would pass 3 as bit_depth, and this routine would translate the - * data to 0 to 15. - */ -static void -png_do_shift(png_row_infop row_info, png_bytep row, - png_const_color_8p bit_depth) -{ - png_debug(1, "in png_do_shift"); - - if (row_info->color_type != PNG_COLOR_TYPE_PALETTE) - { - int shift_start[4], shift_dec[4]; - int channels = 0; - - if ((row_info->color_type & PNG_COLOR_MASK_COLOR) != 0) - { - shift_start[channels] = row_info->bit_depth - bit_depth->red; - shift_dec[channels] = bit_depth->red; - channels++; - - shift_start[channels] = row_info->bit_depth - bit_depth->green; - shift_dec[channels] = bit_depth->green; - channels++; - - shift_start[channels] = row_info->bit_depth - bit_depth->blue; - shift_dec[channels] = bit_depth->blue; - channels++; - } - - else - { - shift_start[channels] = row_info->bit_depth - bit_depth->gray; - shift_dec[channels] = bit_depth->gray; - channels++; - } - - if ((row_info->color_type & PNG_COLOR_MASK_ALPHA) != 0) - { - shift_start[channels] = row_info->bit_depth - bit_depth->alpha; - shift_dec[channels] = bit_depth->alpha; - channels++; - } - - /* With low row depths, could only be grayscale, so one channel */ - if (row_info->bit_depth < 8) - { - png_bytep bp = row; - png_size_t i; - unsigned int mask; - png_size_t row_bytes = row_info->rowbytes; - - if (bit_depth->gray == 1 && row_info->bit_depth == 2) - mask = 0x55; - - else if (row_info->bit_depth == 4 && bit_depth->gray == 3) - mask = 0x11; - - else - mask = 0xff; - - for (i = 0; i < row_bytes; i++, bp++) - { - int j; - unsigned int v, out; - - v = *bp; - out = 0; - - for (j = shift_start[0]; j > -shift_dec[0]; j -= shift_dec[0]) - { - if (j > 0) - out |= v << j; - - else - out |= (v >> (-j)) & mask; - } - - *bp = (png_byte)(out & 0xff); - } - } - - else if (row_info->bit_depth == 8) - { - png_bytep bp = row; - png_uint_32 i; - png_uint_32 istop = channels * row_info->width; - - for (i = 0; i < istop; i++, bp++) - { - - const unsigned int c = i%channels; - int j; - unsigned int v, out; - - v = *bp; - out = 0; - - for (j = shift_start[c]; j > -shift_dec[c]; j -= shift_dec[c]) - { - if (j > 0) - out |= v << j; - - else - out |= v >> (-j); - } - - *bp = (png_byte)(out & 0xff); - } - } - - else - { - png_bytep bp; - png_uint_32 i; - png_uint_32 istop = channels * row_info->width; - - for (bp = row, i = 0; i < istop; i++) - { - const unsigned int c = i%channels; - int j; - unsigned int value, v; - - v = png_get_uint_16(bp); - value = 0; - - for (j = shift_start[c]; j > -shift_dec[c]; j -= shift_dec[c]) - { - if (j > 0) - value |= v << j; - - else - value |= v >> (-j); - } - *bp++ = (png_byte)((value >> 8) & 0xff); - *bp++ = (png_byte)(value & 0xff); - } - } - } -} -#endif - -#ifdef PNG_WRITE_SWAP_ALPHA_SUPPORTED -static void -png_do_write_swap_alpha(png_row_infop row_info, png_bytep row) -{ - png_debug(1, "in png_do_write_swap_alpha"); - - { - if (row_info->color_type == PNG_COLOR_TYPE_RGB_ALPHA) - { - if (row_info->bit_depth == 8) - { - /* This converts from ARGB to RGBA */ - png_bytep sp, dp; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - for (i = 0, sp = dp = row; i < row_width; i++) - { - png_byte save = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = save; - } - } - -#ifdef PNG_WRITE_16BIT_SUPPORTED - else - { - /* This converts from AARRGGBB to RRGGBBAA */ - png_bytep sp, dp; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - for (i = 0, sp = dp = row; i < row_width; i++) - { - png_byte save[2]; - save[0] = *(sp++); - save[1] = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = save[0]; - *(dp++) = save[1]; - } - } -#endif /* WRITE_16BIT */ - } - - else if (row_info->color_type == PNG_COLOR_TYPE_GRAY_ALPHA) - { - if (row_info->bit_depth == 8) - { - /* This converts from AG to GA */ - png_bytep sp, dp; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - for (i = 0, sp = dp = row; i < row_width; i++) - { - png_byte save = *(sp++); - *(dp++) = *(sp++); - *(dp++) = save; - } - } - -#ifdef PNG_WRITE_16BIT_SUPPORTED - else - { - /* This converts from AAGG to GGAA */ - png_bytep sp, dp; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - for (i = 0, sp = dp = row; i < row_width; i++) - { - png_byte save[2]; - save[0] = *(sp++); - save[1] = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = save[0]; - *(dp++) = save[1]; - } - } -#endif /* WRITE_16BIT */ - } - } -} -#endif - -#ifdef PNG_WRITE_INVERT_ALPHA_SUPPORTED -static void -png_do_write_invert_alpha(png_row_infop row_info, png_bytep row) -{ - png_debug(1, "in png_do_write_invert_alpha"); - - { - if (row_info->color_type == PNG_COLOR_TYPE_RGB_ALPHA) - { - if (row_info->bit_depth == 8) - { - /* This inverts the alpha channel in RGBA */ - png_bytep sp, dp; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - for (i = 0, sp = dp = row; i < row_width; i++) - { - /* Does nothing - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - */ - sp+=3; dp = sp; - *dp = (png_byte)(255 - *(sp++)); - } - } - -#ifdef PNG_WRITE_16BIT_SUPPORTED - else - { - /* This inverts the alpha channel in RRGGBBAA */ - png_bytep sp, dp; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - for (i = 0, sp = dp = row; i < row_width; i++) - { - /* Does nothing - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - *(dp++) = *(sp++); - */ - sp+=6; dp = sp; - *(dp++) = (png_byte)(255 - *(sp++)); - *dp = (png_byte)(255 - *(sp++)); - } - } -#endif /* WRITE_16BIT */ - } - - else if (row_info->color_type == PNG_COLOR_TYPE_GRAY_ALPHA) - { - if (row_info->bit_depth == 8) - { - /* This inverts the alpha channel in GA */ - png_bytep sp, dp; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - for (i = 0, sp = dp = row; i < row_width; i++) - { - *(dp++) = *(sp++); - *(dp++) = (png_byte)(255 - *(sp++)); - } - } - -#ifdef PNG_WRITE_16BIT_SUPPORTED - else - { - /* This inverts the alpha channel in GGAA */ - png_bytep sp, dp; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - for (i = 0, sp = dp = row; i < row_width; i++) - { - /* Does nothing - *(dp++) = *(sp++); - *(dp++) = *(sp++); - */ - sp+=2; dp = sp; - *(dp++) = (png_byte)(255 - *(sp++)); - *dp = (png_byte)(255 - *(sp++)); - } - } -#endif /* WRITE_16BIT */ - } - } -} -#endif - -/* Transform the data according to the user's wishes. The order of - * transformations is significant. - */ -void /* PRIVATE */ -png_do_write_transformations(png_structrp png_ptr, png_row_infop row_info) -{ - png_debug(1, "in png_do_write_transformations"); - - if (png_ptr == NULL) - return; - -#ifdef PNG_WRITE_USER_TRANSFORM_SUPPORTED - if ((png_ptr->transformations & PNG_USER_TRANSFORM) != 0) - if (png_ptr->write_user_transform_fn != NULL) - (*(png_ptr->write_user_transform_fn)) /* User write transform - function */ - (png_ptr, /* png_ptr */ - row_info, /* row_info: */ - /* png_uint_32 width; width of row */ - /* png_size_t rowbytes; number of bytes in row */ - /* png_byte color_type; color type of pixels */ - /* png_byte bit_depth; bit depth of samples */ - /* png_byte channels; number of channels (1-4) */ - /* png_byte pixel_depth; bits per pixel (depth*channels) */ - png_ptr->row_buf + 1); /* start of pixel data for row */ -#endif - -#ifdef PNG_WRITE_FILLER_SUPPORTED - if ((png_ptr->transformations & PNG_FILLER) != 0) - png_do_strip_channel(row_info, png_ptr->row_buf + 1, - !(png_ptr->flags & PNG_FLAG_FILLER_AFTER)); -#endif - -#ifdef PNG_WRITE_PACKSWAP_SUPPORTED - if ((png_ptr->transformations & PNG_PACKSWAP) != 0) - png_do_packswap(row_info, png_ptr->row_buf + 1); -#endif - -#ifdef PNG_WRITE_PACK_SUPPORTED - if ((png_ptr->transformations & PNG_PACK) != 0) - png_do_pack(row_info, png_ptr->row_buf + 1, - (png_uint_32)png_ptr->bit_depth); -#endif - -#ifdef PNG_WRITE_SWAP_SUPPORTED -# ifdef PNG_16BIT_SUPPORTED - if ((png_ptr->transformations & PNG_SWAP_BYTES) != 0) - png_do_swap(row_info, png_ptr->row_buf + 1); -# endif -#endif - -#ifdef PNG_WRITE_SHIFT_SUPPORTED - if ((png_ptr->transformations & PNG_SHIFT) != 0) - png_do_shift(row_info, png_ptr->row_buf + 1, - &(png_ptr->shift)); -#endif - -#ifdef PNG_WRITE_SWAP_ALPHA_SUPPORTED - if ((png_ptr->transformations & PNG_SWAP_ALPHA) != 0) - png_do_write_swap_alpha(row_info, png_ptr->row_buf + 1); -#endif - -#ifdef PNG_WRITE_INVERT_ALPHA_SUPPORTED - if ((png_ptr->transformations & PNG_INVERT_ALPHA) != 0) - png_do_write_invert_alpha(row_info, png_ptr->row_buf + 1); -#endif - -#ifdef PNG_WRITE_BGR_SUPPORTED - if ((png_ptr->transformations & PNG_BGR) != 0) - png_do_bgr(row_info, png_ptr->row_buf + 1); -#endif - -#ifdef PNG_WRITE_INVERT_SUPPORTED - if ((png_ptr->transformations & PNG_INVERT_MONO) != 0) - png_do_invert(row_info, png_ptr->row_buf + 1); -#endif -} -#endif /* WRITE_TRANSFORMS */ -#endif /* WRITE */
--- a/src/share/native/sun/awt/libpng/pngwutil.c Tue Jul 11 03:45:17 2017 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,2737 +0,0 @@ -/* - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* pngwutil.c - utilities to write a PNG file - * - * This file is available under and governed by the GNU General Public - * License version 2 only, as published by the Free Software Foundation. - * However, the following notice accompanied the original version of this - * file and, per its terms, should not be removed: - * - * Last changed in libpng 1.6.19 [November 12, 2015] - * Copyright (c) 1998-2015 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) - * - * This code is released under the libpng license. - * For conditions of distribution and use, see the disclaimer - * and license in png.h - */ - -#include "pngpriv.h" - -#ifdef PNG_WRITE_SUPPORTED - -#ifdef PNG_WRITE_INT_FUNCTIONS_SUPPORTED -/* Place a 32-bit number into a buffer in PNG byte order. We work - * with unsigned numbers for convenience, although one supported - * ancillary chunk uses signed (two's complement) numbers. - */ -void PNGAPI -png_save_uint_32(png_bytep buf, png_uint_32 i) -{ - buf[0] = (png_byte)(i >> 24); - buf[1] = (png_byte)(i >> 16); - buf[2] = (png_byte)(i >> 8); - buf[3] = (png_byte)(i ); -} - -/* Place a 16-bit number into a buffer in PNG byte order. - * The parameter is declared unsigned int, not png_uint_16, - * just to avoid potential problems on pre-ANSI C compilers. - */ -void PNGAPI -png_save_uint_16(png_bytep buf, unsigned int i) -{ - buf[0] = (png_byte)(i >> 8); - buf[1] = (png_byte)(i ); -} -#endif - -/* Simple function to write the signature. If we have already written - * the magic bytes of the signature, or more likely, the PNG stream is - * being embedded into another stream and doesn't need its own signature, - * we should call png_set_sig_bytes() to tell libpng how many of the - * bytes have already been written. - */ -void PNGAPI -png_write_sig(png_structrp png_ptr) -{ - png_byte png_signature[8] = {137, 80, 78, 71, 13, 10, 26, 10}; - -#ifdef PNG_IO_STATE_SUPPORTED - /* Inform the I/O callback that the signature is being written */ - png_ptr->io_state = PNG_IO_WRITING | PNG_IO_SIGNATURE; -#endif - - /* Write the rest of the 8 byte signature */ - png_write_data(png_ptr, &png_signature[png_ptr->sig_bytes], - (png_size_t)(8 - png_ptr->sig_bytes)); - - if (png_ptr->sig_bytes < 3) - png_ptr->mode |= PNG_HAVE_PNG_SIGNATURE; -} - -/* Write the start of a PNG chunk. The type is the chunk type. - * The total_length is the sum of the lengths of all the data you will be - * passing in png_write_chunk_data(). - */ -static void -png_write_chunk_header(png_structrp png_ptr, png_uint_32 chunk_name, - png_uint_32 length) -{ - png_byte buf[8]; - -#if defined(PNG_DEBUG) && (PNG_DEBUG > 0) - PNG_CSTRING_FROM_CHUNK(buf, chunk_name); - png_debug2(0, "Writing %s chunk, length = %lu", buf, (unsigned long)length); -#endif - - if (png_ptr == NULL) - return; - -#ifdef PNG_IO_STATE_SUPPORTED - /* Inform the I/O callback that the chunk header is being written. - * PNG_IO_CHUNK_HDR requires a single I/O call. - */ - png_ptr->io_state = PNG_IO_WRITING | PNG_IO_CHUNK_HDR; -#endif - - /* Write the length and the chunk name */ - png_save_uint_32(buf, length); - png_save_uint_32(buf + 4, chunk_name); - png_write_data(png_ptr, buf, 8); - - /* Put the chunk name into png_ptr->chunk_name */ - png_ptr->chunk_name = chunk_name; - - /* Reset the crc and run it over the chunk name */ - png_reset_crc(png_ptr); - - png_calculate_crc(png_ptr, buf + 4, 4); - -#ifdef PNG_IO_STATE_SUPPORTED - /* Inform the I/O callback that chunk data will (possibly) be written. - * PNG_IO_CHUNK_DATA does NOT require a specific number of I/O calls. - */ - png_ptr->io_state = PNG_IO_WRITING | PNG_IO_CHUNK_DATA; -#endif -} - -void PNGAPI -png_write_chunk_start(png_structrp png_ptr, png_const_bytep chunk_string, - png_uint_32 length) -{ - png_write_chunk_header(png_ptr, PNG_CHUNK_FROM_STRING(chunk_string), length); -} - -/* Write the data of a PNG chunk started with png_write_chunk_header(). - * Note that multiple calls to this function are allowed, and that the - * sum of the lengths from these calls *must* add up to the total_length - * given to png_write_chunk_header(). - */ -void PNGAPI -png_write_chunk_data(png_structrp png_ptr, png_const_bytep data, - png_size_t length) -{ - /* Write the data, and run the CRC over it */ - if (png_ptr == NULL) - return; - - if (data != NULL && length > 0) - { - png_write_data(png_ptr, data, length); - - /* Update the CRC after writing the data, - * in case the user I/O routine alters it. - */ - png_calculate_crc(png_ptr, data, length); - } -} - -/* Finish a chunk started with png_write_chunk_header(). */ -void PNGAPI -png_write_chunk_end(png_structrp png_ptr) -{ - png_byte buf[4]; - - if (png_ptr == NULL) return; - -#ifdef PNG_IO_STATE_SUPPORTED - /* Inform the I/O callback that the chunk CRC is being written. - * PNG_IO_CHUNK_CRC requires a single I/O function call. - */ - png_ptr->io_state = PNG_IO_WRITING | PNG_IO_CHUNK_CRC; -#endif - - /* Write the crc in a single operation */ - png_save_uint_32(buf, png_ptr->crc); - - png_write_data(png_ptr, buf, (png_size_t)4); -} - -/* Write a PNG chunk all at once. The type is an array of ASCII characters - * representing the chunk name. The array must be at least 4 bytes in - * length, and does not need to be null terminated. To be safe, pass the - * pre-defined chunk names here, and if you need a new one, define it - * where the others are defined. The length is the length of the data. - * All the data must be present. If that is not possible, use the - * png_write_chunk_start(), png_write_chunk_data(), and png_write_chunk_end() - * functions instead. - */ -static void -png_write_complete_chunk(png_structrp png_ptr, png_uint_32 chunk_name, - png_const_bytep data, png_size_t length) -{ - if (png_ptr == NULL) - return; - - /* On 64-bit architectures 'length' may not fit in a png_uint_32. */ - if (length > PNG_UINT_31_MAX) - png_error(png_ptr, "length exceeds PNG maximum"); - - png_write_chunk_header(png_ptr, chunk_name, (png_uint_32)length); - png_write_chunk_data(png_ptr, data, length); - png_write_chunk_end(png_ptr); -} - -/* This is the API that calls the internal function above. */ -void PNGAPI -png_write_chunk(png_structrp png_ptr, png_const_bytep chunk_string, - png_const_bytep data, png_size_t length) -{ - png_write_complete_chunk(png_ptr, PNG_CHUNK_FROM_STRING(chunk_string), data, - length); -} - -/* This is used below to find the size of an image to pass to png_deflate_claim, - * so it only needs to be accurate if the size is less than 16384 bytes (the - * point at which a lower LZ window size can be used.) - */ -static png_alloc_size_t -png_image_size(png_structrp png_ptr) -{ - /* Only return sizes up to the maximum of a png_uint_32; do this by limiting - * the width and height used to 15 bits. - */ - png_uint_32 h = png_ptr->height; - - if (png_ptr->rowbytes < 32768 && h < 32768) - { - if (png_ptr->interlaced != 0) - { - /* Interlacing makes the image larger because of the replication of - * both the filter byte and the padding to a byte boundary. - */ - png_uint_32 w = png_ptr->width; - unsigned int pd = png_ptr->pixel_depth; - png_alloc_size_t cb_base; - int pass; - - for (cb_base=0, pass=0; pass<=6; ++pass) - { - png_uint_32 pw = PNG_PASS_COLS(w, pass); - - if (pw > 0) - cb_base += (PNG_ROWBYTES(pd, pw)+1) * PNG_PASS_ROWS(h, pass); - } - - return cb_base; - } - - else - return (png_ptr->rowbytes+1) * h; - } - - else - return 0xffffffffU; -} - -#ifdef PNG_WRITE_OPTIMIZE_CMF_SUPPORTED - /* This is the code to hack the first two bytes of the deflate stream (the - * deflate header) to correct the windowBits value to match the actual data - * size. Note that the second argument is the *uncompressed* size but the - * first argument is the *compressed* data (and it must be deflate - * compressed.) - */ -static void -optimize_cmf(png_bytep data, png_alloc_size_t data_size) -{ - /* Optimize the CMF field in the zlib stream. The resultant zlib stream is - * still compliant to the stream specification. - */ - if (data_size <= 16384) /* else windowBits must be 15 */ - { - unsigned int z_cmf = data[0]; /* zlib compression method and flags */ - - if ((z_cmf & 0x0f) == 8 && (z_cmf & 0xf0) <= 0x70) - { - unsigned int z_cinfo; - unsigned int half_z_window_size; - - z_cinfo = z_cmf >> 4; - half_z_window_size = 1U << (z_cinfo + 7); - - if (data_size <= half_z_window_size) /* else no change */ - { - unsigned int tmp; - - do - { - half_z_window_size >>= 1; - --z_cinfo; - } - while (z_cinfo > 0 && data_size <= half_z_window_size); - - z_cmf = (z_cmf & 0x0f) | (z_cinfo << 4); - - data[0] = (png_byte)z_cmf; - tmp = data[1] & 0xe0; - tmp += 0x1f - ((z_cmf << 8) + tmp) % 0x1f; - data[1] = (png_byte)tmp; - } - } - } -} -#endif /* WRITE_OPTIMIZE_CMF */ - -/* Initialize the compressor for the appropriate type of compression. */ -static int -png_deflate_claim(png_structrp png_ptr, png_uint_32 owner, - png_alloc_size_t data_size) -{ - if (png_ptr->zowner != 0) - { -#if defined(PNG_WARNINGS_SUPPORTED) || defined(PNG_ERROR_TEXT_SUPPORTED) - char msg[64]; - - PNG_STRING_FROM_CHUNK(msg, owner); - msg[4] = ':'; - msg[5] = ' '; - PNG_STRING_FROM_CHUNK(msg+6, png_ptr->zowner); - /* So the message that results is "<chunk> using zstream"; this is an - * internal error, but is very useful for debugging. i18n requirements - * are minimal. - */ - (void)png_safecat(msg, (sizeof msg), 10, " using zstream"); -#endif -#if PNG_RELEASE_BUILD - png_warning(png_ptr, msg); - - /* Attempt sane error recovery */ - if (png_ptr->zowner == png_IDAT) /* don't steal from IDAT */ - { - png_ptr->zstream.msg = PNGZ_MSG_CAST("in use by IDAT"); - return Z_STREAM_ERROR; - } - - png_ptr->zowner = 0; -#else - png_error(png_ptr, msg); -#endif - } - - { - int level = png_ptr->zlib_level; - int method = png_ptr->zlib_method; - int windowBits = png_ptr->zlib_window_bits; - int memLevel = png_ptr->zlib_mem_level; - int strategy; /* set below */ - int ret; /* zlib return code */ - - if (owner == png_IDAT) - { - if ((png_ptr->flags & PNG_FLAG_ZLIB_CUSTOM_STRATEGY) != 0) - strategy = png_ptr->zlib_strategy; - - else if (png_ptr->do_filter != PNG_FILTER_NONE) - strategy = PNG_Z_DEFAULT_STRATEGY; - - else - strategy = PNG_Z_DEFAULT_NOFILTER_STRATEGY; - } - - else - { -#ifdef PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION_SUPPORTED - level = png_ptr->zlib_text_level; - method = png_ptr->zlib_text_method; - windowBits = png_ptr->zlib_text_window_bits; - memLevel = png_ptr->zlib_text_mem_level; - strategy = png_ptr->zlib_text_strategy; -#else - /* If customization is not supported the values all come from the - * IDAT values except for the strategy, which is fixed to the - * default. (This is the pre-1.6.0 behavior too, although it was - * implemented in a very different way.) - */ - strategy = Z_DEFAULT_STRATEGY; -#endif - } - - /* Adjust 'windowBits' down if larger than 'data_size'; to stop this - * happening just pass 32768 as the data_size parameter. Notice that zlib - * requires an extra 262 bytes in the window in addition to the data to be - * able to see the whole of the data, so if data_size+262 takes us to the - * next windowBits size we need to fix up the value later. (Because even - * though deflate needs the extra window, inflate does not!) - */ - if (data_size <= 16384) - { - /* IMPLEMENTATION NOTE: this 'half_window_size' stuff is only here to - * work round a Microsoft Visual C misbehavior which, contrary to C-90, - * widens the result of the following shift to 64-bits if (and, - * apparently, only if) it is used in a test. - */ - unsigned int half_window_size = 1U << (windowBits-1); - - while (data_size + 262 <= half_window_size) - { - half_window_size >>= 1; - --windowBits; - } - } - - /* Check against the previous initialized values, if any. */ - if ((png_ptr->flags & PNG_FLAG_ZSTREAM_INITIALIZED) != 0 && - (png_ptr->zlib_set_level != level || - png_ptr->zlib_set_method != method || - png_ptr->zlib_set_window_bits != windowBits || - png_ptr->zlib_set_mem_level != memLevel || - png_ptr->zlib_set_strategy != strategy)) - { - if (deflateEnd(&png_ptr->zstream) != Z_OK) - png_warning(png_ptr, "deflateEnd failed (ignored)"); - - png_ptr->flags &= ~PNG_FLAG_ZSTREAM_INITIALIZED; - } - - /* For safety clear out the input and output pointers (currently zlib - * doesn't use them on Init, but it might in the future). - */ - png_ptr->zstream.next_in = NULL; - png_ptr->zstream.avail_in = 0; - png_ptr->zstream.next_out = NULL; - png_ptr->zstream.avail_out = 0; - - /* Now initialize if required, setting the new parameters, otherwise just - * to a simple reset to the previous parameters. - */ - if ((png_ptr->flags & PNG_FLAG_ZSTREAM_INITIALIZED) != 0) - ret = deflateReset(&png_ptr->zstream); - - else - { - ret = deflateInit2(&png_ptr->zstream, level, method, windowBits, - memLevel, strategy); - - if (ret == Z_OK) - png_ptr->flags |= PNG_FLAG_ZSTREAM_INITIALIZED; - } - - /* The return code is from either deflateReset or deflateInit2; they have - * pretty much the same set of error codes. - */ - if (ret == Z_OK) - png_ptr->zowner = owner; - - else - png_zstream_error(png_ptr, ret); - - return ret; - } -} - -/* Clean up (or trim) a linked list of compression buffers. */ -void /* PRIVATE */ -png_free_buffer_list(png_structrp png_ptr, png_compression_bufferp *listp) -{ - png_compression_bufferp list = *listp; - - if (list != NULL) - { - *listp = NULL; - - do - { - png_compression_bufferp next = list->next; - - png_free(png_ptr, list); - list = next; - } - while (list != NULL); - } -} - -#ifdef PNG_WRITE_COMPRESSED_TEXT_SUPPORTED -/* This pair of functions encapsulates the operation of (a) compressing a - * text string, and (b) issuing it later as a series of chunk data writes. - * The compression_state structure is shared context for these functions - * set up by the caller to allow access to the relevant local variables. - * - * compression_buffer (new in 1.6.0) is just a linked list of zbuffer_size - * temporary buffers. From 1.6.0 it is retained in png_struct so that it will - * be correctly freed in the event of a write error (previous implementations - * just leaked memory.) - */ -typedef struct -{ - png_const_bytep input; /* The uncompressed input data */ - png_alloc_size_t input_len; /* Its length */ - png_uint_32 output_len; /* Final compressed length */ - png_byte output[1024]; /* First block of output */ -} compression_state; - -static void -png_text_compress_init(compression_state *comp, png_const_bytep input, - png_alloc_size_t input_len) -{ - comp->input = input; - comp->input_len = input_len; - comp->output_len = 0; -} - -/* Compress the data in the compression state input */ -static int -png_text_compress(png_structrp png_ptr, png_uint_32 chunk_name, - compression_state *comp, png_uint_32 prefix_len) -{ - int ret; - - /* To find the length of the output it is necessary to first compress the - * input. The result is buffered rather than using the two-pass algorithm - * that is used on the inflate side; deflate is assumed to be slower and a - * PNG writer is assumed to have more memory available than a PNG reader. - * - * IMPLEMENTATION NOTE: the zlib API deflateBound() can be used to find an - * upper limit on the output size, but it is always bigger than the input - * size so it is likely to be more efficient to use this linked-list - * approach. - */ - ret = png_deflate_claim(png_ptr, chunk_name, comp->input_len); - - if (ret != Z_OK) - return ret; - - /* Set up the compression buffers, we need a loop here to avoid overflowing a - * uInt. Use ZLIB_IO_MAX to limit the input. The output is always limited - * by the output buffer size, so there is no need to check that. Since this - * is ANSI-C we know that an 'int', hence a uInt, is always at least 16 bits - * in size. - */ - { - png_compression_bufferp *end = &png_ptr->zbuffer_list; - png_alloc_size_t input_len = comp->input_len; /* may be zero! */ - png_uint_32 output_len; - - /* zlib updates these for us: */ - png_ptr->zstream.next_in = PNGZ_INPUT_CAST(comp->input); - png_ptr->zstream.avail_in = 0; /* Set below */ - png_ptr->zstream.next_out = comp->output; - png_ptr->zstream.avail_out = (sizeof comp->output); - - output_len = png_ptr->zstream.avail_out; - - do - { - uInt avail_in = ZLIB_IO_MAX; - - if (avail_in > input_len) - avail_in = (uInt)input_len; - - input_len -= avail_in; - - png_ptr->zstream.avail_in = avail_in; - - if (png_ptr->zstream.avail_out == 0) - { - png_compression_buffer *next; - - /* Chunk data is limited to 2^31 bytes in length, so the prefix - * length must be counted here. - */ - if (output_len + prefix_len > PNG_UINT_31_MAX) - { - ret = Z_MEM_ERROR; - break; - } - - /* Need a new (malloc'ed) buffer, but there may be one present - * already. - */ - next = *end; - if (next == NULL) - { - next = png_voidcast(png_compression_bufferp, png_malloc_base - (png_ptr, PNG_COMPRESSION_BUFFER_SIZE(png_ptr))); - - if (next == NULL) - { - ret = Z_MEM_ERROR; - break; - } - - /* Link in this buffer (so that it will be freed later) */ - next->next = NULL; - *end = next; - } - - png_ptr->zstream.next_out = next->output; - png_ptr->zstream.avail_out = png_ptr->zbuffer_size; - output_len += png_ptr->zstream.avail_out; - - /* Move 'end' to the next buffer pointer. */ - end = &next->next; - } - - /* Compress the data */ - ret = deflate(&png_ptr->zstream, - input_len > 0 ? Z_NO_FLUSH : Z_FINISH); - - /* Claw back input data that was not consumed (because avail_in is - * reset above every time round the loop). - */ - input_len += png_ptr->zstream.avail_in; - png_ptr->zstream.avail_in = 0; /* safety */ - } - while (ret == Z_OK); - - /* There may be some space left in the last output buffer. This needs to - * be subtracted from output_len. - */ - output_len -= png_ptr->zstream.avail_out; - png_ptr->zstream.avail_out = 0; /* safety */ - comp->output_len = output_len; - - /* Now double check the output length, put in a custom message if it is - * too long. Otherwise ensure the z_stream::msg pointer is set to - * something. - */ - if (output_len + prefix_len >= PNG_UINT_31_MAX) - { - png_ptr->zstream.msg = PNGZ_MSG_CAST("compressed data too long"); - ret = Z_MEM_ERROR; - } - - else - png_zstream_error(png_ptr, ret); - - /* Reset zlib for another zTXt/iTXt or image data */ - png_ptr->zowner = 0; - - /* The only success case is Z_STREAM_END, input_len must be 0; if not this - * is an internal error. - */ - if (ret == Z_STREAM_END && input_len == 0) - { -#ifdef PNG_WRITE_OPTIMIZE_CMF_SUPPORTED - /* Fix up the deflate header, if required */ - optimize_cmf(comp->output, comp->input_len); -#endif - /* But Z_OK is returned, not Z_STREAM_END; this allows the claim - * function above to return Z_STREAM_END on an error (though it never - * does in the current versions of zlib.) - */ - return Z_OK; - } - - else - return ret; - } -} - -/* Ship the compressed text out via chunk writes */ -static void -png_write_compressed_data_out(png_structrp png_ptr, compression_state *comp) -{ - png_uint_32 output_len = comp->output_len; - png_const_bytep output = comp->output; - png_uint_32 avail = (sizeof comp->output); - png_compression_buffer *next = png_ptr->zbuffer_list; - - for (;;) - { - if (avail > output_len) - avail = output_len; - - png_write_chunk_data(png_ptr, output, avail); - - output_len -= avail; - - if (output_len == 0 || next == NULL) - break; - - avail = png_ptr->zbuffer_size; - output = next->output; - next = next->next; - } - - /* This is an internal error; 'next' must have been NULL! */ - if (output_len > 0) - png_error(png_ptr, "error writing ancillary chunked compressed data"); -} -#endif /* WRITE_COMPRESSED_TEXT */ - -#if defined(PNG_WRITE_TEXT_SUPPORTED) || defined(PNG_WRITE_pCAL_SUPPORTED) || \ - defined(PNG_WRITE_iCCP_SUPPORTED) || defined(PNG_WRITE_sPLT_SUPPORTED) -/* Check that the tEXt or zTXt keyword is valid per PNG 1.0 specification, - * and if invalid, correct the keyword rather than discarding the entire - * chunk. The PNG 1.0 specification requires keywords 1-79 characters in - * length, forbids leading or trailing whitespace, multiple internal spaces, - * and the non-break space (0x80) from ISO 8859-1. Returns keyword length. - * - * The 'new_key' buffer must be 80 characters in size (for the keyword plus a - * trailing '\0'). If this routine returns 0 then there was no keyword, or a - * valid one could not be generated, and the caller must png_error. - */ -static png_uint_32 -png_check_keyword(png_structrp png_ptr, png_const_charp key, png_bytep new_key) -{ - png_const_charp orig_key = key; - png_uint_32 key_len = 0; - int bad_character = 0; - int space = 1; - - png_debug(1, "in png_check_keyword"); - - if (key == NULL) - { - *new_key = 0; - return 0; - } - - while (*key && key_len < 79) - { - png_byte ch = (png_byte)*key++; - - if ((ch > 32 && ch <= 126) || (ch >= 161 /*&& ch <= 255*/)) - *new_key++ = ch, ++key_len, space = 0; - - else if (space == 0) - { - /* A space or an invalid character when one wasn't seen immediately - * before; output just a space. - */ - *new_key++ = 32, ++key_len, space = 1; - - /* If the character was not a space then it is invalid. */ - if (ch != 32) - bad_character = ch; - } - - else if (bad_character == 0) - bad_character = ch; /* just skip it, record the first error */ - } - - if (key_len > 0 && space != 0) /* trailing space */ - { - --key_len, --new_key; - if (bad_character == 0) - bad_character = 32; - } - - /* Terminate the keyword */ - *new_key = 0; - - if (key_len == 0) - return 0; - -#ifdef PNG_WARNINGS_SUPPORTED - /* Try to only output one warning per keyword: */ - if (*key != 0) /* keyword too long */ - png_warning(png_ptr, "keyword truncated"); - - else if (bad_character != 0) - { - PNG_WARNING_PARAMETERS(p) - - png_warning_parameter(p, 1, orig_key); - png_warning_parameter_signed(p, 2, PNG_NUMBER_FORMAT_02x, bad_character); - - png_formatted_warning(png_ptr, p, "keyword \"@1\": bad character '0x@2'"); - } -#endif /* WARNINGS */ - - return key_len; -} -#endif /* WRITE_TEXT || WRITE_pCAL || WRITE_iCCP || WRITE_sPLT */ - -/* Write the IHDR chunk, and update the png_struct with the necessary - * information. Note that the rest of this code depends upon this - * information being correct. - */ -void /* PRIVATE */ -png_write_IHDR(png_structrp png_ptr, png_uint_32 width, png_uint_32 height, - int bit_depth, int color_type, int compression_type, int filter_type, - int interlace_type) -{ - png_byte buf[13]; /* Buffer to store the IHDR info */ - - png_debug(1, "in png_write_IHDR"); - - /* Check that we have valid input data from the application info */ - switch (color_type) - { - case PNG_COLOR_TYPE_GRAY: - switch (bit_depth) - { - case 1: - case 2: - case 4: - case 8: -#ifdef PNG_WRITE_16BIT_SUPPORTED - case 16: -#endif - png_ptr->channels = 1; break; - - default: - png_error(png_ptr, - "Invalid bit depth for grayscale image"); - } - break; - - case PNG_COLOR_TYPE_RGB: -#ifdef PNG_WRITE_16BIT_SUPPORTED - if (bit_depth != 8 && bit_depth != 16) -#else - if (bit_depth != 8) -#endif - png_error(png_ptr, "Invalid bit depth for RGB image"); - - png_ptr->channels = 3; - break; - - case PNG_COLOR_TYPE_PALETTE: - switch (bit_depth) - { - case 1: - case 2: - case 4: - case 8: - png_ptr->channels = 1; - break; - - default: - png_error(png_ptr, "Invalid bit depth for paletted image"); - } - break; - - case PNG_COLOR_TYPE_GRAY_ALPHA: - if (bit_depth != 8 && bit_depth != 16) - png_error(png_ptr, "Invalid bit depth for grayscale+alpha image"); - - png_ptr->channels = 2; - break; - - case PNG_COLOR_TYPE_RGB_ALPHA: -#ifdef PNG_WRITE_16BIT_SUPPORTED - if (bit_depth != 8 && bit_depth != 16) -#else - if (bit_depth != 8) -#endif - png_error(png_ptr, "Invalid bit depth for RGBA image"); - - png_ptr->channels = 4; - break; - - default: - png_error(png_ptr, "Invalid image color type specified"); - } - - if (compression_type != PNG_COMPRESSION_TYPE_BASE) - { - png_warning(png_ptr, "Invalid compression type specified"); - compression_type = PNG_COMPRESSION_TYPE_BASE; - } - - /* Write filter_method 64 (intrapixel differencing) only if - * 1. Libpng was compiled with PNG_MNG_FEATURES_SUPPORTED and - * 2. Libpng did not write a PNG signature (this filter_method is only - * used in PNG datastreams that are embedded in MNG datastreams) and - * 3. The application called png_permit_mng_features with a mask that - * included PNG_FLAG_MNG_FILTER_64 and - * 4. The filter_method is 64 and - * 5. The color_type is RGB or RGBA - */ - if ( -#ifdef PNG_MNG_FEATURES_SUPPORTED - !((png_ptr->mng_features_permitted & PNG_FLAG_MNG_FILTER_64) != 0 && - ((png_ptr->mode & PNG_HAVE_PNG_SIGNATURE) == 0) && - (color_type == PNG_COLOR_TYPE_RGB || - color_type == PNG_COLOR_TYPE_RGB_ALPHA) && - (filter_type == PNG_INTRAPIXEL_DIFFERENCING)) && -#endif - filter_type != PNG_FILTER_TYPE_BASE) - { - png_warning(png_ptr, "Invalid filter type specified"); - filter_type = PNG_FILTER_TYPE_BASE; - } - -#ifdef PNG_WRITE_INTERLACING_SUPPORTED - if (interlace_type != PNG_INTERLACE_NONE && - interlace_type != PNG_INTERLACE_ADAM7) - { - png_warning(png_ptr, "Invalid interlace type specified"); - interlace_type = PNG_INTERLACE_ADAM7; - } -#else - interlace_type=PNG_INTERLACE_NONE; -#endif - - /* Save the relevant information */ - png_ptr->bit_depth = (png_byte)bit_depth; - png_ptr->color_type = (png_byte)color_type; - png_ptr->interlaced = (png_byte)interlace_type; -#ifdef PNG_MNG_FEATURES_SUPPORTED - png_ptr->filter_type = (png_byte)filter_type; -#endif - png_ptr->compression_type = (png_byte)compression_type; - png_ptr->width = width; - png_ptr->height = height; - - png_ptr->pixel_depth = (png_byte)(bit_depth * png_ptr->channels); - png_ptr->rowbytes = PNG_ROWBYTES(png_ptr->pixel_depth, width); - /* Set the usr info, so any transformations can modify it */ - png_ptr->usr_width = png_ptr->width; - png_ptr->usr_bit_depth = png_ptr->bit_depth; - png_ptr->usr_channels = png_ptr->channels; - - /* Pack the header information into the buffer */ - png_save_uint_32(buf, width); - png_save_uint_32(buf + 4, height); - buf[8] = (png_byte)bit_depth; - buf[9] = (png_byte)color_type; - buf[10] = (png_byte)compression_type; - buf[11] = (png_byte)filter_type; - buf[12] = (png_byte)interlace_type; - - /* Write the chunk */ - png_write_complete_chunk(png_ptr, png_IHDR, buf, (png_size_t)13); - - if ((png_ptr->do_filter) == PNG_NO_FILTERS) - { - if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE || - png_ptr->bit_depth < 8) - png_ptr->do_filter = PNG_FILTER_NONE; - - else - png_ptr->do_filter = PNG_ALL_FILTERS; - } - - png_ptr->mode = PNG_HAVE_IHDR; /* not READY_FOR_ZTXT */ -} - -/* Write the palette. We are careful not to trust png_color to be in the - * correct order for PNG, so people can redefine it to any convenient - * structure. - */ -void /* PRIVATE */ -png_write_PLTE(png_structrp png_ptr, png_const_colorp palette, - png_uint_32 num_pal) -{ - png_uint_32 max_palette_length, i; - png_const_colorp pal_ptr; - png_byte buf[3]; - - png_debug(1, "in png_write_PLTE"); - - max_palette_length = (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE) ? - (1 << png_ptr->bit_depth) : PNG_MAX_PALETTE_LENGTH; - - if (( -#ifdef PNG_MNG_FEATURES_SUPPORTED - (png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE) == 0 && -#endif - num_pal == 0) || num_pal > max_palette_length) - { - if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE) - { - png_error(png_ptr, "Invalid number of colors in palette"); - } - - else - { - png_warning(png_ptr, "Invalid number of colors in palette"); - return; - } - } - - if ((png_ptr->color_type & PNG_COLOR_MASK_COLOR) == 0) - { - png_warning(png_ptr, - "Ignoring request to write a PLTE chunk in grayscale PNG"); - - return; - } - - png_ptr->num_palette = (png_uint_16)num_pal; - png_debug1(3, "num_palette = %d", png_ptr->num_palette); - - png_write_chunk_header(png_ptr, png_PLTE, (png_uint_32)(num_pal * 3)); -#ifdef PNG_POINTER_INDEXING_SUPPORTED - - for (i = 0, pal_ptr = palette; i < num_pal; i++, pal_ptr++) - { - buf[0] = pal_ptr->red; - buf[1] = pal_ptr->green; - buf[2] = pal_ptr->blue; - png_write_chunk_data(png_ptr, buf, (png_size_t)3); - } - -#else - /* This is a little slower but some buggy compilers need to do this - * instead - */ - pal_ptr=palette; - - for (i = 0; i < num_pal; i++) - { - buf[0] = pal_ptr[i].red; - buf[1] = pal_ptr[i].green; - buf[2] = pal_ptr[i].blue; - png_write_chunk_data(png_ptr, buf, (png_size_t)3); - } - -#endif - png_write_chunk_end(png_ptr); - png_ptr->mode |= PNG_HAVE_PLTE; -} - -/* This is similar to png_text_compress, above, except that it does not require - * all of the data at once and, instead of buffering the compressed result, - * writes it as IDAT chunks. Unlike png_text_compress it *can* png_error out - * because it calls the write interface. As a result it does its own error - * reporting and does not return an error code. In the event of error it will - * just call png_error. The input data length may exceed 32-bits. The 'flush' - * parameter is exactly the same as that to deflate, with the following - * meanings: - * - * Z_NO_FLUSH: normal incremental output of compressed data - * Z_SYNC_FLUSH: do a SYNC_FLUSH, used by png_write_flush - * Z_FINISH: this is the end of the input, do a Z_FINISH and clean up - * - * The routine manages the acquire and release of the png_ptr->zstream by - * checking and (at the end) clearing png_ptr->zowner; it does some sanity - * checks on the 'mode' flags while doing this. - */ -void /* PRIVATE */ -png_compress_IDAT(png_structrp png_ptr, png_const_bytep input, - png_alloc_size_t input_len, int flush) -{ - if (png_ptr->zowner != png_IDAT) - { - /* First time. Ensure we have a temporary buffer for compression and - * trim the buffer list if it has more than one entry to free memory. - * If 'WRITE_COMPRESSED_TEXT' is not set the list will never have been - * created at this point, but the check here is quick and safe. - */ - if (png_ptr->zbuffer_list == NULL) - { - png_ptr->zbuffer_list = png_voidcast(png_compression_bufferp, - png_malloc(png_ptr, PNG_COMPRESSION_BUFFER_SIZE(png_ptr))); - png_ptr->zbuffer_list->next = NULL; - } - - else - png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list->next); - - /* It is a terminal error if we can't claim the zstream. */ - if (png_deflate_claim(png_ptr, png_IDAT, png_image_size(png_ptr)) != Z_OK) - png_error(png_ptr, png_ptr->zstream.msg); - - /* The output state is maintained in png_ptr->zstream, so it must be - * initialized here after the claim. - */ - png_ptr->zstream.next_out = png_ptr->zbuffer_list->output; - png_ptr->zstream.avail_out = png_ptr->zbuffer_size; - } - - /* Now loop reading and writing until all the input is consumed or an error - * terminates the operation. The _out values are maintained across calls to - * this function, but the input must be reset each time. - */ - png_ptr->zstream.next_in = PNGZ_INPUT_CAST(input); - png_ptr->zstream.avail_in = 0; /* set below */ - for (;;) - { - int ret; - - /* INPUT: from the row data */ - uInt avail = ZLIB_IO_MAX; - - if (avail > input_len) - avail = (uInt)input_len; /* safe because of the check */ - - png_ptr->zstream.avail_in = avail; - input_len -= avail; - - ret = deflate(&png_ptr->zstream, input_len > 0 ? Z_NO_FLUSH : flush); - - /* Include as-yet unconsumed input */ - input_len += png_ptr->zstream.avail_in; - png_ptr->zstream.avail_in = 0; - - /* OUTPUT: write complete IDAT chunks when avail_out drops to zero. Note - * that these two zstream fields are preserved across the calls, therefore - * there is no need to set these up on entry to the loop. - */ - if (png_ptr->zstream.avail_out == 0) - { - png_bytep data = png_ptr->zbuffer_list->output; - uInt size = png_ptr->zbuffer_size; - - /* Write an IDAT containing the data then reset the buffer. The - * first IDAT may need deflate header optimization. - */ -#ifdef PNG_WRITE_OPTIMIZE_CMF_SUPPORTED - if ((png_ptr->mode & PNG_HAVE_IDAT) == 0 && - png_ptr->compression_type == PNG_COMPRESSION_TYPE_BASE) - optimize_cmf(data, png_image_size(png_ptr)); -#endif - - png_write_complete_chunk(png_ptr, png_IDAT, data, size); - png_ptr->mode |= PNG_HAVE_IDAT; - - png_ptr->zstream.next_out = data; - png_ptr->zstream.avail_out = size; - - /* For SYNC_FLUSH or FINISH it is essential to keep calling zlib with - * the same flush parameter until it has finished output, for NO_FLUSH - * it doesn't matter. - */ - if (ret == Z_OK && flush != Z_NO_FLUSH) - continue; - } - - /* The order of these checks doesn't matter much; it just affects which - * possible error might be detected if multiple things go wrong at once. - */ - if (ret == Z_OK) /* most likely return code! */ - { - /* If all the input has been consumed then just return. If Z_FINISH - * was used as the flush parameter something has gone wrong if we get - * here. - */ - if (input_len == 0) - { - if (flush == Z_FINISH) - png_error(png_ptr, "Z_OK on Z_FINISH with output space"); - - return; - } - } - - else if (ret == Z_STREAM_END && flush == Z_FINISH) - { - /* This is the end of the IDAT data; any pending output must be - * flushed. For small PNG files we may still be at the beginning. - */ - png_bytep data = png_ptr->zbuffer_list->output; - uInt size = png_ptr->zbuffer_size - png_ptr->zstream.avail_out; - -#ifdef PNG_WRITE_OPTIMIZE_CMF_SUPPORTED - if ((png_ptr->mode & PNG_HAVE_IDAT) == 0 && - png_ptr->compression_type == PNG_COMPRESSION_TYPE_BASE) - optimize_cmf(data, png_image_size(png_ptr)); -#endif - - png_write_complete_chunk(png_ptr, png_IDAT, data, size); - png_ptr->zstream.avail_out = 0; - png_ptr->zstream.next_out = NULL; - png_ptr->mode |= PNG_HAVE_IDAT | PNG_AFTER_IDAT; - - png_ptr->zowner = 0; /* Release the stream */ - return; - } - - else - { - /* This is an error condition. */ - png_zstream_error(png_ptr, ret); - png_error(png_ptr, png_ptr->zstream.msg); - } - } -} - -/* Write an IEND chunk */ -void /* PRIVATE */ -png_write_IEND(png_structrp png_ptr) -{ - png_debug(1, "in png_write_IEND"); - - png_write_complete_chunk(png_ptr, png_IEND, NULL, (png_size_t)0); - png_ptr->mode |= PNG_HAVE_IEND; -} - -#ifdef PNG_WRITE_gAMA_SUPPORTED -/* Write a gAMA chunk */ -void /* PRIVATE */ -png_write_gAMA_fixed(png_structrp png_ptr, png_fixed_point file_gamma) -{ - png_byte buf[4]; - - png_debug(1, "in png_write_gAMA"); - - /* file_gamma is saved in 1/100,000ths */ - png_save_uint_32(buf, (png_uint_32)file_gamma); - png_write_complete_chunk(png_ptr, png_gAMA, buf, (png_size_t)4); -} -#endif - -#ifdef PNG_WRITE_sRGB_SUPPORTED -/* Write a sRGB chunk */ -void /* PRIVATE */ -png_write_sRGB(png_structrp png_ptr, int srgb_intent) -{ - png_byte buf[1]; - - png_debug(1, "in png_write_sRGB"); - - if (srgb_intent >= PNG_sRGB_INTENT_LAST) - png_warning(png_ptr, - "Invalid sRGB rendering intent specified"); - - buf[0]=(png_byte)srgb_intent; - png_write_complete_chunk(png_ptr, png_sRGB, buf, (png_size_t)1); -} -#endif - -#ifdef PNG_WRITE_iCCP_SUPPORTED -/* Write an iCCP chunk */ -void /* PRIVATE */ -png_write_iCCP(png_structrp png_ptr, png_const_charp name, - png_const_bytep profile) -{ - png_uint_32 name_len; - png_uint_32 profile_len; - png_byte new_name[81]; /* 1 byte for the compression byte */ - compression_state comp; - png_uint_32 temp; - - png_debug(1, "in png_write_iCCP"); - - /* These are all internal problems: the profile should have been checked - * before when it was stored. - */ - if (profile == NULL) - png_error(png_ptr, "No profile for iCCP chunk"); /* internal error */ - - profile_len = png_get_uint_32(profile); - - if (profile_len < 132) - png_error(png_ptr, "ICC profile too short"); - - temp = (png_uint_32) (*(profile+8)); - if (temp > 3 && (profile_len & 0x03)) - png_error(png_ptr, "ICC profile length invalid (not a multiple of 4)"); - - { - png_uint_32 embedded_profile_len = png_get_uint_32(profile); - - if (profile_len != embedded_profile_len) - png_error(png_ptr, "Profile length does not match profile"); - } - - name_len = png_check_keyword(png_ptr, name, new_name); - - if (name_len == 0) - png_error(png_ptr, "iCCP: invalid keyword"); - - new_name[++name_len] = PNG_COMPRESSION_TYPE_BASE; - - /* Make sure we include the NULL after the name and the compression type */ - ++name_len; - - png_text_compress_init(&comp, profile, profile_len); - - /* Allow for keyword terminator and compression byte */ - if (png_text_compress(png_ptr, png_iCCP, &comp, name_len) != Z_OK) - png_error(png_ptr, png_ptr->zstream.msg); - - png_write_chunk_header(png_ptr, png_iCCP, name_len + comp.output_len); - - png_write_chunk_data(png_ptr, new_name, name_len); - - png_write_compressed_data_out(png_ptr, &comp); - - png_write_chunk_end(png_ptr); -} -#endif - -#ifdef PNG_WRITE_sPLT_SUPPORTED -/* Write a sPLT chunk */ -void /* PRIVATE */ -png_write_sPLT(png_structrp png_ptr, png_const_sPLT_tp spalette) -{ - png_uint_32 name_len; - png_byte new_name[80]; - png_byte entrybuf[10]; - png_size_t entry_size = (spalette->depth == 8 ? 6 : 10); - png_size_t palette_size = entry_size * spalette->nentries; - png_sPLT_entryp ep; -#ifndef PNG_POINTER_INDEXING_SUPPORTED - int i; -#endif - - png_debug(1, "in png_write_sPLT"); - - name_len = png_check_keyword(png_ptr, spalette->name, new_name); - - if (name_len == 0) - png_error(png_ptr, "sPLT: invalid keyword"); - - /* Make sure we include the NULL after the name */ - png_write_chunk_header(png_ptr, png_sPLT, - (png_uint_32)(name_len + 2 + palette_size)); - - png_write_chunk_data(png_ptr, (png_bytep)new_name, - (png_size_t)(name_len + 1)); - - png_write_chunk_data(png_ptr, &spalette->depth, (png_size_t)1); - - /* Loop through each palette entry, writing appropriately */ -#ifdef PNG_POINTER_INDEXING_SUPPORTED - for (ep = spalette->entries; ep<spalette->entries + spalette->nentries; ep++) - { - if (spalette->depth == 8) - { - entrybuf[0] = (png_byte)ep->red; - entrybuf[1] = (png_byte)ep->green; - entrybuf[2] = (png_byte)ep->blue; - entrybuf[3] = (png_byte)ep->alpha; - png_save_uint_16(entrybuf + 4, ep->frequency); - } - - else - { - png_save_uint_16(entrybuf + 0, ep->red); - png_save_uint_16(entrybuf + 2, ep->green); - png_save_uint_16(entrybuf + 4, ep->blue); - png_save_uint_16(entrybuf + 6, ep->alpha); - png_save_uint_16(entrybuf + 8, ep->frequency); - } - - png_write_chunk_data(png_ptr, entrybuf, entry_size); - } -#else - ep=spalette->entries; - for (i = 0; i>spalette->nentries; i++) - { - if (spalette->depth == 8) - { - entrybuf[0] = (png_byte)ep[i].red; - entrybuf[1] = (png_byte)ep[i].green; - entrybuf[2] = (png_byte)ep[i].blue; - entrybuf[3] = (png_byte)ep[i].alpha; - png_save_uint_16(entrybuf + 4, ep[i].frequency); - } - - else - { - png_save_uint_16(entrybuf + 0, ep[i].red); - png_save_uint_16(entrybuf + 2, ep[i].green); - png_save_uint_16(entrybuf + 4, ep[i].blue); - png_save_uint_16(entrybuf + 6, ep[i].alpha); - png_save_uint_16(entrybuf + 8, ep[i].frequency); - } - - png_write_chunk_data(png_ptr, entrybuf, entry_size); - } -#endif - - png_write_chunk_end(png_ptr); -} -#endif - -#ifdef PNG_WRITE_sBIT_SUPPORTED -/* Write the sBIT chunk */ -void /* PRIVATE */ -png_write_sBIT(png_structrp png_ptr, png_const_color_8p sbit, int color_type) -{ - png_byte buf[4]; - png_size_t size; - - png_debug(1, "in png_write_sBIT"); - - /* Make sure we don't depend upon the order of PNG_COLOR_8 */ - if ((color_type & PNG_COLOR_MASK_COLOR) != 0) - { - png_byte maxbits; - - maxbits = (png_byte)(color_type==PNG_COLOR_TYPE_PALETTE ? 8 : - png_ptr->usr_bit_depth); - - if (sbit->red == 0 || sbit->red > maxbits || - sbit->green == 0 || sbit->green > maxbits || - sbit->blue == 0 || sbit->blue > maxbits) - { - png_warning(png_ptr, "Invalid sBIT depth specified"); - return; - } - - buf[0] = sbit->red; - buf[1] = sbit->green; - buf[2] = sbit->blue; - size = 3; - } - - else - { - if (sbit->gray == 0 || sbit->gray > png_ptr->usr_bit_depth) - { - png_warning(png_ptr, "Invalid sBIT depth specified"); - return; - } - - buf[0] = sbit->gray; - size = 1; - } - - if ((color_type & PNG_COLOR_MASK_ALPHA) != 0) - { - if (sbit->alpha == 0 || sbit->alpha > png_ptr->usr_bit_depth) - { - png_warning(png_ptr, "Invalid sBIT depth specified"); - return; - } - - buf[size++] = sbit->alpha; - } - - png_write_complete_chunk(png_ptr, png_sBIT, buf, size); -} -#endif - -#ifdef PNG_WRITE_cHRM_SUPPORTED -/* Write the cHRM chunk */ -void /* PRIVATE */ -png_write_cHRM_fixed(png_structrp png_ptr, const png_xy *xy) -{ - png_byte buf[32]; - - png_debug(1, "in png_write_cHRM"); - - /* Each value is saved in 1/100,000ths */ - png_save_int_32(buf, xy->whitex); - png_save_int_32(buf + 4, xy->whitey); - - png_save_int_32(buf + 8, xy->redx); - png_save_int_32(buf + 12, xy->redy); - - png_save_int_32(buf + 16, xy->greenx); - png_save_int_32(buf + 20, xy->greeny); - - png_save_int_32(buf + 24, xy->bluex); - png_save_int_32(buf + 28, xy->bluey); - - png_write_complete_chunk(png_ptr, png_cHRM, buf, 32); -} -#endif - -#ifdef PNG_WRITE_tRNS_SUPPORTED -/* Write the tRNS chunk */ -void /* PRIVATE */ -png_write_tRNS(png_structrp png_ptr, png_const_bytep trans_alpha, - png_const_color_16p tran, int num_trans, int color_type) -{ - png_byte buf[6]; - - png_debug(1, "in png_write_tRNS"); - - if (color_type == PNG_COLOR_TYPE_PALETTE) - { - if (num_trans <= 0 || num_trans > (int)png_ptr->num_palette) - { - png_app_warning(png_ptr, - "Invalid number of transparent colors specified"); - return; - } - - /* Write the chunk out as it is */ - png_write_complete_chunk(png_ptr, png_tRNS, trans_alpha, - (png_size_t)num_trans); - } - - else if (color_type == PNG_COLOR_TYPE_GRAY) - { - /* One 16-bit value */ - if (tran->gray >= (1 << png_ptr->bit_depth)) - { - png_app_warning(png_ptr, - "Ignoring attempt to write tRNS chunk out-of-range for bit_depth"); - - return; - } - - png_save_uint_16(buf, tran->gray); - png_write_complete_chunk(png_ptr, png_tRNS, buf, (png_size_t)2); - } - - else if (color_type == PNG_COLOR_TYPE_RGB) - { - /* Three 16-bit values */ - png_save_uint_16(buf, tran->red); - png_save_uint_16(buf + 2, tran->green); - png_save_uint_16(buf + 4, tran->blue); -#ifdef PNG_WRITE_16BIT_SUPPORTED - if (png_ptr->bit_depth == 8 && (buf[0] | buf[2] | buf[4]) != 0) -#else - if ((buf[0] | buf[2] | buf[4]) != 0) -#endif - { - png_app_warning(png_ptr, - "Ignoring attempt to write 16-bit tRNS chunk when bit_depth is 8"); - return; - } - - png_write_complete_chunk(png_ptr, png_tRNS, buf, (png_size_t)6); - } - - else - { - png_app_warning(png_ptr, "Can't write tRNS with an alpha channel"); - } -} -#endif - -#ifdef PNG_WRITE_bKGD_SUPPORTED -/* Write the background chunk */ -void /* PRIVATE */ -png_write_bKGD(png_structrp png_ptr, png_const_color_16p back, int color_type) -{ - png_byte buf[6]; - - png_debug(1, "in png_write_bKGD"); - - if (color_type == PNG_COLOR_TYPE_PALETTE) - { - if ( -#ifdef PNG_MNG_FEATURES_SUPPORTED - (png_ptr->num_palette != 0 || - (png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE) == 0) && -#endif - back->index >= png_ptr->num_palette) - { - png_warning(png_ptr, "Invalid background palette index"); - return; - } - - buf[0] = back->index; - png_write_complete_chunk(png_ptr, png_bKGD, buf, (png_size_t)1); - } - - else if ((color_type & PNG_COLOR_MASK_COLOR) != 0) - { - png_save_uint_16(buf, back->red); - png_save_uint_16(buf + 2, back->green); - png_save_uint_16(buf + 4, back->blue); -#ifdef PNG_WRITE_16BIT_SUPPORTED - if (png_ptr->bit_depth == 8 && (buf[0] | buf[2] | buf[4]) != 0) -#else - if ((buf[0] | buf[2] | buf[4]) != 0) -#endif - { - png_warning(png_ptr, - "Ignoring attempt to write 16-bit bKGD chunk when bit_depth is 8"); - - return; - } - - png_write_complete_chunk(png_ptr, png_bKGD, buf, (png_size_t)6); - } - - else - { - if (back->gray >= (1 << png_ptr->bit_depth)) - { - png_warning(png_ptr, - "Ignoring attempt to write bKGD chunk out-of-range for bit_depth"); - - return; - } - - png_save_uint_16(buf, back->gray); - png_write_complete_chunk(png_ptr, png_bKGD, buf, (png_size_t)2); - } -} -#endif - -#ifdef PNG_WRITE_hIST_SUPPORTED -/* Write the histogram */ -void /* PRIVATE */ -png_write_hIST(png_structrp png_ptr, png_const_uint_16p hist, int num_hist) -{ - int i; - png_byte buf[3]; - - png_debug(1, "in png_write_hIST"); - - if (num_hist > (int)png_ptr->num_palette) - { - png_debug2(3, "num_hist = %d, num_palette = %d", num_hist, - png_ptr->num_palette); - - png_warning(png_ptr, "Invalid number of histogram entries specified"); - return; - } - - png_write_chunk_header(png_ptr, png_hIST, (png_uint_32)(num_hist * 2)); - - for (i = 0; i < num_hist; i++) - { - png_save_uint_16(buf, hist[i]); - png_write_chunk_data(png_ptr, buf, (png_size_t)2); - } - - png_write_chunk_end(png_ptr); -} -#endif - -#ifdef PNG_WRITE_tEXt_SUPPORTED -/* Write a tEXt chunk */ -void /* PRIVATE */ -png_write_tEXt(png_structrp png_ptr, png_const_charp key, png_const_charp text, - png_size_t text_len) -{ - png_uint_32 key_len; - png_byte new_key[80]; - - png_debug(1, "in png_write_tEXt"); - - key_len = png_check_keyword(png_ptr, key, new_key); - - if (key_len == 0) - png_error(png_ptr, "tEXt: invalid keyword"); - - if (text == NULL || *text == '\0') - text_len = 0; - - else - text_len = strlen(text); - - if (text_len > PNG_UINT_31_MAX - (key_len+1)) - png_error(png_ptr, "tEXt: text too long"); - - /* Make sure we include the 0 after the key */ - png_write_chunk_header(png_ptr, png_tEXt, - (png_uint_32)/*checked above*/(key_len + text_len + 1)); - /* - * We leave it to the application to meet PNG-1.0 requirements on the - * contents of the text. PNG-1.0 through PNG-1.2 discourage the use of - * any non-Latin-1 characters except for NEWLINE. ISO PNG will forbid them. - * The NUL character is forbidden by PNG-1.0 through PNG-1.2 and ISO PNG. - */ - png_write_chunk_data(png_ptr, new_key, key_len + 1); - - if (text_len != 0) - png_write_chunk_data(png_ptr, (png_const_bytep)text, text_len); - - png_write_chunk_end(png_ptr); -} -#endif - -#ifdef PNG_WRITE_zTXt_SUPPORTED -/* Write a compressed text chunk */ -void /* PRIVATE */ -png_write_zTXt(png_structrp png_ptr, png_const_charp key, png_const_charp text, - int compression) -{ - png_uint_32 key_len; - png_byte new_key[81]; - compression_state comp; - - png_debug(1, "in png_write_zTXt"); - - if (compression == PNG_TEXT_COMPRESSION_NONE) - { - png_write_tEXt(png_ptr, key, text, 0); - return; - } - - if (compression != PNG_TEXT_COMPRESSION_zTXt) - png_error(png_ptr, "zTXt: invalid compression type"); - - key_len = png_check_keyword(png_ptr, key, new_key); - - if (key_len == 0) - png_error(png_ptr, "zTXt: invalid keyword"); - - /* Add the compression method and 1 for the keyword separator. */ - new_key[++key_len] = PNG_COMPRESSION_TYPE_BASE; - ++key_len; - - /* Compute the compressed data; do it now for the length */ - png_text_compress_init(&comp, (png_const_bytep)text, - text == NULL ? 0 : strlen(text)); - - if (png_text_compress(png_ptr, png_zTXt, &comp, key_len) != Z_OK) - png_error(png_ptr, png_ptr->zstream.msg); - - /* Write start of chunk */ - png_write_chunk_header(png_ptr, png_zTXt, key_len + comp.output_len); - - /* Write key */ - png_write_chunk_data(png_ptr, new_key, key_len); - - /* Write the compressed data */ - png_write_compressed_data_out(png_ptr, &comp); - - /* Close the chunk */ - png_write_chunk_end(png_ptr); -} -#endif - -#ifdef PNG_WRITE_iTXt_SUPPORTED -/* Write an iTXt chunk */ -void /* PRIVATE */ -png_write_iTXt(png_structrp png_ptr, int compression, png_const_charp key, - png_const_charp lang, png_const_charp lang_key, png_const_charp text) -{ - png_uint_32 key_len, prefix_len; - png_size_t lang_len, lang_key_len; - png_byte new_key[82]; - compression_state comp; - - png_debug(1, "in png_write_iTXt"); - - key_len = png_check_keyword(png_ptr, key, new_key); - - if (key_len == 0) - png_error(png_ptr, "iTXt: invalid keyword"); - - /* Set the compression flag */ - switch (compression) - { - case PNG_ITXT_COMPRESSION_NONE: - case PNG_TEXT_COMPRESSION_NONE: - compression = new_key[++key_len] = 0; /* no compression */ - break; - - case PNG_TEXT_COMPRESSION_zTXt: - case PNG_ITXT_COMPRESSION_zTXt: - compression = new_key[++key_len] = 1; /* compressed */ - break; - - default: - png_error(png_ptr, "iTXt: invalid compression"); - } - - new_key[++key_len] = PNG_COMPRESSION_TYPE_BASE; - ++key_len; /* for the keywod separator */ - - /* We leave it to the application to meet PNG-1.0 requirements on the - * contents of the text. PNG-1.0 through PNG-1.2 discourage the use of - * any non-Latin-1 characters except for NEWLINE. ISO PNG, however, - * specifies that the text is UTF-8 and this really doesn't require any - * checking. - * - * The NUL character is forbidden by PNG-1.0 through PNG-1.2 and ISO PNG. - * - * TODO: validate the language tag correctly (see the spec.) - */ - if (lang == NULL) lang = ""; /* empty language is valid */ - lang_len = strlen(lang)+1; - if (lang_key == NULL) lang_key = ""; /* may be empty */ - lang_key_len = strlen(lang_key)+1; - if (text == NULL) text = ""; /* may be empty */ - - prefix_len = key_len; - if (lang_len > PNG_UINT_31_MAX-prefix_len) - prefix_len = PNG_UINT_31_MAX; - else - prefix_len = (png_uint_32)(prefix_len + lang_len); - - if (lang_key_len > PNG_UINT_31_MAX-prefix_len) - prefix_len = PNG_UINT_31_MAX; - else - prefix_len = (png_uint_32)(prefix_len + lang_key_len); - - png_text_compress_init(&comp, (png_const_bytep)text, strlen(text)); - - if (compression != 0) - { - if (png_text_compress(png_ptr, png_iTXt, &comp, prefix_len) != Z_OK) - png_error(png_ptr, png_ptr->zstream.msg); - } - - else - { - if (comp.input_len > PNG_UINT_31_MAX-prefix_len) - png_error(png_ptr, "iTXt: uncompressed text too long"); - - /* So the string will fit in a chunk: */ - comp.output_len = (png_uint_32)/*SAFE*/comp.input_len; - } - - png_write_chunk_header(png_ptr, png_iTXt, comp.output_len + prefix_len); - - png_write_chunk_data(png_ptr, new_key, key_len); - - png_write_chunk_data(png_ptr, (png_const_bytep)lang, lang_len); - - png_write_chunk_data(png_ptr, (png_const_bytep)lang_key, lang_key_len); - - if (compression != 0) - png_write_compressed_data_out(png_ptr, &comp); - - else - png_write_chunk_data(png_ptr, (png_const_bytep)text, comp.output_len); - - png_write_chunk_end(png_ptr); -} -#endif - -#ifdef PNG_WRITE_oFFs_SUPPORTED -/* Write the oFFs chunk */ -void /* PRIVATE */ -png_write_oFFs(png_structrp png_ptr, png_int_32 x_offset, png_int_32 y_offset, - int unit_type) -{ - png_byte buf[9]; - - png_debug(1, "in png_write_oFFs"); - - if (unit_type >= PNG_OFFSET_LAST) - png_warning(png_ptr, "Unrecognized unit type for oFFs chunk"); - - png_save_int_32(buf, x_offset); - png_save_int_32(buf + 4, y_offset); - buf[8] = (png_byte)unit_type; - - png_write_complete_chunk(png_ptr, png_oFFs, buf, (png_size_t)9); -} -#endif -#ifdef PNG_WRITE_pCAL_SUPPORTED -/* Write the pCAL chunk (described in the PNG extensions document) */ -void /* PRIVATE */ -png_write_pCAL(png_structrp png_ptr, png_charp purpose, png_int_32 X0, - png_int_32 X1, int type, int nparams, png_const_charp units, - png_charpp params) -{ - png_uint_32 purpose_len; - png_size_t units_len, total_len; - png_size_tp params_len; - png_byte buf[10]; - png_byte new_purpose[80]; - int i; - - png_debug1(1, "in png_write_pCAL (%d parameters)", nparams); - - if (type >= PNG_EQUATION_LAST) - png_error(png_ptr, "Unrecognized equation type for pCAL chunk"); - - purpose_len = png_check_keyword(png_ptr, purpose, new_purpose); - - if (purpose_len == 0) - png_error(png_ptr, "pCAL: invalid keyword"); - - ++purpose_len; /* terminator */ - - png_debug1(3, "pCAL purpose length = %d", (int)purpose_len); - units_len = strlen(units) + (nparams == 0 ? 0 : 1); - png_debug1(3, "pCAL units length = %d", (int)units_len); - total_len = purpose_len + units_len + 10; - - params_len = (png_size_tp)png_malloc(png_ptr, - (png_alloc_size_t)(nparams * (sizeof (png_size_t)))); - - /* Find the length of each parameter, making sure we don't count the - * null terminator for the last parameter. - */ - for (i = 0; i < nparams; i++) - { - params_len[i] = strlen(params[i]) + (i == nparams - 1 ? 0 : 1); - png_debug2(3, "pCAL parameter %d length = %lu", i, - (unsigned long)params_len[i]); - total_len += params_len[i]; - } - - png_debug1(3, "pCAL total length = %d", (int)total_len); - png_write_chunk_header(png_ptr, png_pCAL, (png_uint_32)total_len); - png_write_chunk_data(png_ptr, new_purpose, purpose_len); - png_save_int_32(buf, X0); - png_save_int_32(buf + 4, X1); - buf[8] = (png_byte)type; - buf[9] = (png_byte)nparams; - png_write_chunk_data(png_ptr, buf, (png_size_t)10); - png_write_chunk_data(png_ptr, (png_const_bytep)units, (png_size_t)units_len); - - for (i = 0; i < nparams; i++) - { - png_write_chunk_data(png_ptr, (png_const_bytep)params[i], params_len[i]); - } - - png_free(png_ptr, params_len); - png_write_chunk_end(png_ptr); -} -#endif - -#ifdef PNG_WRITE_sCAL_SUPPORTED -/* Write the sCAL chunk */ -void /* PRIVATE */ -png_write_sCAL_s(png_structrp png_ptr, int unit, png_const_charp width, - png_const_charp height) -{ - png_byte buf[64]; - png_size_t wlen, hlen, total_len; - - png_debug(1, "in png_write_sCAL_s"); - - wlen = strlen(width); - hlen = strlen(height); - total_len = wlen + hlen + 2; - - if (total_len > 64) - { - png_warning(png_ptr, "Can't write sCAL (buffer too small)"); - return; - } - - buf[0] = (png_byte)unit; - memcpy(buf + 1, width, wlen + 1); /* Append the '\0' here */ - memcpy(buf + wlen + 2, height, hlen); /* Do NOT append the '\0' here */ - - png_debug1(3, "sCAL total length = %u", (unsigned int)total_len); - png_write_complete_chunk(png_ptr, png_sCAL, buf, total_len); -} -#endif - -#ifdef PNG_WRITE_pHYs_SUPPORTED -/* Write the pHYs chunk */ -void /* PRIVATE */ -png_write_pHYs(png_structrp png_ptr, png_uint_32 x_pixels_per_unit, - png_uint_32 y_pixels_per_unit, - int unit_type) -{ - png_byte buf[9]; - - png_debug(1, "in png_write_pHYs"); - - if (unit_type >= PNG_RESOLUTION_LAST) - png_warning(png_ptr, "Unrecognized unit type for pHYs chunk"); - - png_save_uint_32(buf, x_pixels_per_unit); - png_save_uint_32(buf + 4, y_pixels_per_unit); - buf[8] = (png_byte)unit_type; - - png_write_complete_chunk(png_ptr, png_pHYs, buf, (png_size_t)9); -} -#endif - -#ifdef PNG_WRITE_tIME_SUPPORTED -/* Write the tIME chunk. Use either png_convert_from_struct_tm() - * or png_convert_from_time_t(), or fill in the structure yourself. - */ -void /* PRIVATE */ -png_write_tIME(png_structrp png_ptr, png_const_timep mod_time) -{ - png_byte buf[7]; - - png_debug(1, "in png_write_tIME"); - - if (mod_time->month > 12 || mod_time->month < 1 || - mod_time->day > 31 || mod_time->day < 1 || - mod_time->hour > 23 || mod_time->second > 60) - { - png_warning(png_ptr, "Invalid time specified for tIME chunk"); - return; - } - - png_save_uint_16(buf, mod_time->year); - buf[2] = mod_time->month; - buf[3] = mod_time->day; - buf[4] = mod_time->hour; - buf[5] = mod_time->minute; - buf[6] = mod_time->second; - - png_write_complete_chunk(png_ptr, png_tIME, buf, (png_size_t)7); -} -#endif - -/* Initializes the row writing capability of libpng */ -void /* PRIVATE */ -png_write_start_row(png_structrp png_ptr) -{ -#ifdef PNG_WRITE_INTERLACING_SUPPORTED - /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ - - /* Start of interlace block */ - static PNG_CONST png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; - - /* Offset to next interlace block */ - static PNG_CONST png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; - - /* Start of interlace block in the y direction */ - static PNG_CONST png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; - - /* Offset to next interlace block in the y direction */ - static PNG_CONST png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; -#endif - - png_alloc_size_t buf_size; - int usr_pixel_depth; - -#ifdef PNG_WRITE_FILTER_SUPPORTED - png_byte filters; -#endif - - png_debug(1, "in png_write_start_row"); - - usr_pixel_depth = png_ptr->usr_channels * png_ptr->usr_bit_depth; - buf_size = PNG_ROWBYTES(usr_pixel_depth, png_ptr->width) + 1; - - /* 1.5.6: added to allow checking in the row write code. */ - png_ptr->transformed_pixel_depth = png_ptr->pixel_depth; - png_ptr->maximum_pixel_depth = (png_byte)usr_pixel_depth; - - /* Set up row buffer */ - png_ptr->row_buf = png_voidcast(png_bytep, png_malloc(png_ptr, buf_size)); - - png_ptr->row_buf[0] = PNG_FILTER_VALUE_NONE; - -#ifdef PNG_WRITE_FILTER_SUPPORTED - filters = png_ptr->do_filter; - - if (png_ptr->height == 1) - filters &= 0xff & ~(PNG_FILTER_UP|PNG_FILTER_AVG|PNG_FILTER_PAETH); - - if (png_ptr->width == 1) - filters &= 0xff & ~(PNG_FILTER_SUB|PNG_FILTER_AVG|PNG_FILTER_PAETH); - - if (filters == 0) - filters = PNG_FILTER_NONE; - - png_ptr->do_filter = filters; - - if (((filters & (PNG_FILTER_SUB | PNG_FILTER_UP | PNG_FILTER_AVG | - PNG_FILTER_PAETH)) != 0) && png_ptr->try_row == NULL) - { - int num_filters = 0; - - png_ptr->try_row = png_voidcast(png_bytep, png_malloc(png_ptr, buf_size)); - - if (filters & PNG_FILTER_SUB) - num_filters++; - - if (filters & PNG_FILTER_UP) - num_filters++; - - if (filters & PNG_FILTER_AVG) - num_filters++; - - if (filters & PNG_FILTER_PAETH) - num_filters++; - - if (num_filters > 1) - png_ptr->tst_row = png_voidcast(png_bytep, png_malloc(png_ptr, - buf_size)); - } - - /* We only need to keep the previous row if we are using one of the following - * filters. - */ - if ((filters & (PNG_FILTER_AVG | PNG_FILTER_UP | PNG_FILTER_PAETH)) != 0) - png_ptr->prev_row = png_voidcast(png_bytep, - png_calloc(png_ptr, buf_size)); -#endif /* WRITE_FILTER */ - -#ifdef PNG_WRITE_INTERLACING_SUPPORTED - /* If interlaced, we need to set up width and height of pass */ - if (png_ptr->interlaced != 0) - { - if ((png_ptr->transformations & PNG_INTERLACE) == 0) - { - png_ptr->num_rows = (png_ptr->height + png_pass_yinc[0] - 1 - - png_pass_ystart[0]) / png_pass_yinc[0]; - - png_ptr->usr_width = (png_ptr->width + png_pass_inc[0] - 1 - - png_pass_start[0]) / png_pass_inc[0]; - } - - else - { - png_ptr->num_rows = png_ptr->height; - png_ptr->usr_width = png_ptr->width; - } - } - - else -#endif - { - png_ptr->num_rows = png_ptr->height; - png_ptr->usr_width = png_ptr->width; - } -} - -/* Internal use only. Called when finished processing a row of data. */ -void /* PRIVATE */ -png_write_finish_row(png_structrp png_ptr) -{ -#ifdef PNG_WRITE_INTERLACING_SUPPORTED - /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ - - /* Start of interlace block */ - static PNG_CONST png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; - - /* Offset to next interlace block */ - static PNG_CONST png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; - - /* Start of interlace block in the y direction */ - static PNG_CONST png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; - - /* Offset to next interlace block in the y direction */ - static PNG_CONST png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; -#endif - - png_debug(1, "in png_write_finish_row"); - - /* Next row */ - png_ptr->row_number++; - - /* See if we are done */ - if (png_ptr->row_number < png_ptr->num_rows) - return; - -#ifdef PNG_WRITE_INTERLACING_SUPPORTED - /* If interlaced, go to next pass */ - if (png_ptr->interlaced != 0) - { - png_ptr->row_number = 0; - if ((png_ptr->transformations & PNG_INTERLACE) != 0) - { - png_ptr->pass++; - } - - else - { - /* Loop until we find a non-zero width or height pass */ - do - { - png_ptr->pass++; - - if (png_ptr->pass >= 7) - break; - - png_ptr->usr_width = (png_ptr->width + - png_pass_inc[png_ptr->pass] - 1 - - png_pass_start[png_ptr->pass]) / - png_pass_inc[png_ptr->pass]; - - png_ptr->num_rows = (png_ptr->height + - png_pass_yinc[png_ptr->pass] - 1 - - png_pass_ystart[png_ptr->pass]) / - png_pass_yinc[png_ptr->pass]; - - if ((png_ptr->transformations & PNG_INTERLACE) != 0) - break; - - } while (png_ptr->usr_width == 0 || png_ptr->num_rows == 0); - - } - - /* Reset the row above the image for the next pass */ - if (png_ptr->pass < 7) - { - if (png_ptr->prev_row != NULL) - memset(png_ptr->prev_row, 0, - (png_size_t)(PNG_ROWBYTES(png_ptr->usr_channels* - png_ptr->usr_bit_depth, png_ptr->width)) + 1); - - return; - } - } -#endif - - /* If we get here, we've just written the last row, so we need - to flush the compressor */ - png_compress_IDAT(png_ptr, NULL, 0, Z_FINISH); -} - -#ifdef PNG_WRITE_INTERLACING_SUPPORTED -/* Pick out the correct pixels for the interlace pass. - * The basic idea here is to go through the row with a source - * pointer and a destination pointer (sp and dp), and copy the - * correct pixels for the pass. As the row gets compacted, - * sp will always be >= dp, so we should never overwrite anything. - * See the default: case for the easiest code to understand. - */ -void /* PRIVATE */ -png_do_write_interlace(png_row_infop row_info, png_bytep row, int pass) -{ - /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ - - /* Start of interlace block */ - static PNG_CONST png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; - - /* Offset to next interlace block */ - static PNG_CONST png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; - - png_debug(1, "in png_do_write_interlace"); - - /* We don't have to do anything on the last pass (6) */ - if (pass < 6) - { - /* Each pixel depth is handled separately */ - switch (row_info->pixel_depth) - { - case 1: - { - png_bytep sp; - png_bytep dp; - unsigned int shift; - int d; - int value; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - dp = row; - d = 0; - shift = 7; - - for (i = png_pass_start[pass]; i < row_width; - i += png_pass_inc[pass]) - { - sp = row + (png_size_t)(i >> 3); - value = (int)(*sp >> (7 - (int)(i & 0x07))) & 0x01; - d |= (value << shift); - - if (shift == 0) - { - shift = 7; - *dp++ = (png_byte)d; - d = 0; - } - - else - shift--; - - } - if (shift != 7) - *dp = (png_byte)d; - - break; - } - - case 2: - { - png_bytep sp; - png_bytep dp; - unsigned int shift; - int d; - int value; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - dp = row; - shift = 6; - d = 0; - - for (i = png_pass_start[pass]; i < row_width; - i += png_pass_inc[pass]) - { - sp = row + (png_size_t)(i >> 2); - value = (*sp >> ((3 - (int)(i & 0x03)) << 1)) & 0x03; - d |= (value << shift); - - if (shift == 0) - { - shift = 6; - *dp++ = (png_byte)d; - d = 0; - } - - else - shift -= 2; - } - if (shift != 6) - *dp = (png_byte)d; - - break; - } - - case 4: - { - png_bytep sp; - png_bytep dp; - unsigned int shift; - int d; - int value; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - - dp = row; - shift = 4; - d = 0; - for (i = png_pass_start[pass]; i < row_width; - i += png_pass_inc[pass]) - { - sp = row + (png_size_t)(i >> 1); - value = (*sp >> ((1 - (int)(i & 0x01)) << 2)) & 0x0f; - d |= (value << shift); - - if (shift == 0) - { - shift = 4; - *dp++ = (png_byte)d; - d = 0; - } - - else - shift -= 4; - } - if (shift != 4) - *dp = (png_byte)d; - - break; - } - - default: - { - png_bytep sp; - png_bytep dp; - png_uint_32 i; - png_uint_32 row_width = row_info->width; - png_size_t pixel_bytes; - - /* Start at the beginning */ - dp = row; - - /* Find out how many bytes each pixel takes up */ - pixel_bytes = (row_info->pixel_depth >> 3); - - /* Loop through the row, only looking at the pixels that matter */ - for (i = png_pass_start[pass]; i < row_width; - i += png_pass_inc[pass]) - { - /* Find out where the original pixel is */ - sp = row + (png_size_t)i * pixel_bytes; - - /* Move the pixel */ - if (dp != sp) - memcpy(dp, sp, pixel_bytes); - - /* Next pixel */ - dp += pixel_bytes; - } - break; - } - } - /* Set new row width */ - row_info->width = (row_info->width + - png_pass_inc[pass] - 1 - - png_pass_start[pass]) / - png_pass_inc[pass]; - - row_info->rowbytes = PNG_ROWBYTES(row_info->pixel_depth, - row_info->width); - } -} -#endif - - -/* This filters the row, chooses which filter to use, if it has not already - * been specified by the application, and then writes the row out with the - * chosen filter. - */ -static void /* PRIVATE */ -png_write_filtered_row(png_structrp png_ptr, png_bytep filtered_row, - png_size_t row_bytes); - -#ifdef PNG_WRITE_FILTER_SUPPORTED -static png_size_t /* PRIVATE */ -png_setup_sub_row(png_structrp png_ptr, const png_uint_32 bpp, - const png_size_t row_bytes, const png_size_t lmins) -{ - png_bytep rp, dp, lp; - png_size_t i; - png_size_t sum = 0; - int v; - - png_ptr->try_row[0] = PNG_FILTER_VALUE_SUB; - - for (i = 0, rp = png_ptr->row_buf + 1, dp = png_ptr->try_row + 1; i < bpp; - i++, rp++, dp++) - { - v = *dp = *rp; - sum += (v < 128) ? v : 256 - v; - } - - for (lp = png_ptr->row_buf + 1; i < row_bytes; - i++, rp++, lp++, dp++) - { - v = *dp = (png_byte)(((int)*rp - (int)*lp) & 0xff); - sum += (v < 128) ? v : 256 - v; - - if (sum > lmins) /* We are already worse, don't continue. */ - break; - } - - return (sum); -} - -static png_size_t /* PRIVATE */ -png_setup_up_row(png_structrp png_ptr, const png_size_t row_bytes, - const png_size_t lmins) -{ - png_bytep rp, dp, pp; - png_size_t i; - png_size_t sum = 0; - int v; - - png_ptr->try_row[0] = PNG_FILTER_VALUE_UP; - - for (i = 0, rp = png_ptr->row_buf + 1, dp = png_ptr->try_row + 1, - pp = png_ptr->prev_row + 1; i < row_bytes; - i++, rp++, pp++, dp++) - { - v = *dp = (png_byte)(((int)*rp - (int)*pp) & 0xff); - sum += (v < 128) ? v : 256 - v; - - if (sum > lmins) /* We are already worse, don't continue. */ - break; - } - - return (sum); -} - -static png_size_t /* PRIVATE */ -png_setup_avg_row(png_structrp png_ptr, const png_uint_32 bpp, - const png_size_t row_bytes, const png_size_t lmins) -{ - png_bytep rp, dp, pp, lp; - png_uint_32 i; - png_size_t sum = 0; - int v; - - png_ptr->try_row[0] = PNG_FILTER_VALUE_AVG; - - for (i = 0, rp = png_ptr->row_buf + 1, dp = png_ptr->try_row + 1, - pp = png_ptr->prev_row + 1; i < bpp; i++) - { - v = *dp++ = (png_byte)(((int)*rp++ - ((int)*pp++ / 2)) & 0xff); - - sum += (v < 128) ? v : 256 - v; - } - - for (lp = png_ptr->row_buf + 1; i < row_bytes; i++) - { - v = *dp++ = (png_byte)(((int)*rp++ - (((int)*pp++ + (int)*lp++) / 2)) - & 0xff); - - sum += (v < 128) ? v : 256 - v; - - if (sum > lmins) /* We are already worse, don't continue. */ - break; - } - - return (sum); -} - -static png_size_t /* PRIVATE */ -png_setup_paeth_row(png_structrp png_ptr, const png_uint_32 bpp, - const png_size_t row_bytes, const png_size_t lmins) -{ - png_bytep rp, dp, pp, cp, lp; - png_size_t i; - png_size_t sum = 0; - int v; - - png_ptr->try_row[0] = PNG_FILTER_VALUE_PAETH; - - for (i = 0, rp = png_ptr->row_buf + 1, dp = png_ptr->try_row + 1, - pp = png_ptr->prev_row + 1; i < bpp; i++) - { - v = *dp++ = (png_byte)(((int)*rp++ - (int)*pp++) & 0xff); - - sum += (v < 128) ? v : 256 - v; - } - - for (lp = png_ptr->row_buf + 1, cp = png_ptr->prev_row + 1; i < row_bytes; - i++) - { - int a, b, c, pa, pb, pc, p; - - b = *pp++; - c = *cp++; - a = *lp++; - - p = b - c; - pc = a - c; - -#ifdef PNG_USE_ABS - pa = abs(p); - pb = abs(pc); - pc = abs(p + pc); -#else - pa = p < 0 ? -p : p; - pb = pc < 0 ? -pc : pc; - pc = (p + pc) < 0 ? -(p + pc) : p + pc; -#endif - - p = (pa <= pb && pa <=pc) ? a : (pb <= pc) ? b : c; - - v = *dp++ = (png_byte)(((int)*rp++ - p) & 0xff); - - sum += (v < 128) ? v : 256 - v; - - if (sum > lmins) /* We are already worse, don't continue. */ - break; - } - - return (sum); -} -#endif /* WRITE_FILTER */ - -void /* PRIVATE */ -png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) -{ -#ifndef PNG_WRITE_FILTER_SUPPORTED - png_write_filtered_row(png_ptr, png_ptr->row_buf, row_info->rowbytes+1); -#else - png_byte filter_to_do = png_ptr->do_filter; - png_bytep row_buf; - png_bytep best_row; - png_uint_32 bpp; - png_size_t mins; - png_size_t row_bytes = row_info->rowbytes; - - png_debug(1, "in png_write_find_filter"); - - /* Find out how many bytes offset each pixel is */ - bpp = (row_info->pixel_depth + 7) >> 3; - - row_buf = png_ptr->row_buf; - mins = PNG_SIZE_MAX - 256/* so we can detect potential overflow of the - running sum */; - - /* The prediction method we use is to find which method provides the - * smallest value when summing the absolute values of the distances - * from zero, using anything >= 128 as negative numbers. This is known - * as the "minimum sum of absolute differences" heuristic. Other - * heuristics are the "weighted minimum sum of absolute differences" - * (experimental and can in theory improve compression), and the "zlib - * predictive" method (not implemented yet), which does test compressions - * of lines using different filter methods, and then chooses the - * (series of) filter(s) that give minimum compressed data size (VERY - * computationally expensive). - * - * GRR 980525: consider also - * - * (1) minimum sum of absolute differences from running average (i.e., - * keep running sum of non-absolute differences & count of bytes) - * [track dispersion, too? restart average if dispersion too large?] - * - * (1b) minimum sum of absolute differences from sliding average, probably - * with window size <= deflate window (usually 32K) - * - * (2) minimum sum of squared differences from zero or running average - * (i.e., ~ root-mean-square approach) - */ - - - /* We don't need to test the 'no filter' case if this is the only filter - * that has been chosen, as it doesn't actually do anything to the data. - */ - best_row = png_ptr->row_buf; - - - if ((filter_to_do & PNG_FILTER_NONE) != 0 && filter_to_do != PNG_FILTER_NONE) - { - png_bytep rp; - png_size_t sum = 0; - png_size_t i; - int v; - - if (PNG_SIZE_MAX/128 <= row_bytes) - { - for (i = 0, rp = row_buf + 1; i < row_bytes; i++, rp++) - { - /* Check for overflow */ - if (sum > PNG_SIZE_MAX/128 - 256) - break; - - v = *rp; - sum += (v < 128) ? v : 256 - v; - } - } - else /* Overflow is not possible */ - { - for (i = 0, rp = row_buf + 1; i < row_bytes; i++, rp++) - { - v = *rp; - sum += (v < 128) ? v : 256 - v; - } - } - - mins = sum; - } - - /* Sub filter */ - if (filter_to_do == PNG_FILTER_SUB) - /* It's the only filter so no testing is needed */ - { - (void) png_setup_sub_row(png_ptr, bpp, row_bytes, mins); - best_row = png_ptr->try_row; - } - - else if ((filter_to_do & PNG_FILTER_SUB) != 0) - { - png_size_t sum; - png_size_t lmins = mins; - - sum = png_setup_sub_row(png_ptr, bpp, row_bytes, lmins); - - if (sum < mins) - { - mins = sum; - best_row = png_ptr->try_row; - if (png_ptr->tst_row != NULL) - { - png_ptr->try_row = png_ptr->tst_row; - png_ptr->tst_row = best_row; - } - } - } - - /* Up filter */ - if (filter_to_do == PNG_FILTER_UP) - { - (void) png_setup_up_row(png_ptr, row_bytes, mins); - best_row = png_ptr->try_row; - } - - else if ((filter_to_do & PNG_FILTER_UP) != 0) - { - png_size_t sum; - png_size_t lmins = mins; - - sum = png_setup_up_row(png_ptr, row_bytes, lmins); - - if (sum < mins) - { - mins = sum; - best_row = png_ptr->try_row; - if (png_ptr->tst_row != NULL) - { - png_ptr->try_row = png_ptr->tst_row; - png_ptr->tst_row = best_row; - } - } - } - - /* Avg filter */ - if (filter_to_do == PNG_FILTER_AVG) - { - (void) png_setup_avg_row(png_ptr, bpp, row_bytes, mins); - best_row = png_ptr->try_row; - } - - else if ((filter_to_do & PNG_FILTER_AVG) != 0) - { - png_size_t sum; - png_size_t lmins = mins; - - sum= png_setup_avg_row(png_ptr, bpp, row_bytes, lmins); - - if (sum < mins) - { - mins = sum; - best_row = png_ptr->try_row; - if (png_ptr->tst_row != NULL) - { - png_ptr->try_row = png_ptr->tst_row; - png_ptr->tst_row = best_row; - } - } - } - - /* Paeth filter */ - if ((filter_to_do == PNG_FILTER_PAETH) != 0) - { - (void) png_setup_paeth_row(png_ptr, bpp, row_bytes, mins); - best_row = png_ptr->try_row; - } - - else if ((filter_to_do & PNG_FILTER_PAETH) != 0) - { - png_size_t sum; - png_size_t lmins = mins; - - sum = png_setup_paeth_row(png_ptr, bpp, row_bytes, lmins); - - if (sum < mins) - { - best_row = png_ptr->try_row; - if (png_ptr->tst_row != NULL) - { - png_ptr->try_row = png_ptr->tst_row; - png_ptr->tst_row = best_row; - } - } - } - - /* Do the actual writing of the filtered row data from the chosen filter. */ - png_write_filtered_row(png_ptr, best_row, row_info->rowbytes+1); - -#endif /* WRITE_FILTER */ -} - - -/* Do the actual writing of a previously filtered row. */ -static void -png_write_filtered_row(png_structrp png_ptr, png_bytep filtered_row, - png_size_t full_row_length/*includes filter byte*/) -{ - png_debug(1, "in png_write_filtered_row"); - - png_debug1(2, "filter = %d", filtered_row[0]); - - png_compress_IDAT(png_ptr, filtered_row, full_row_length, Z_NO_FLUSH); - -#ifdef PNG_WRITE_FILTER_SUPPORTED - /* Swap the current and previous rows */ - if (png_ptr->prev_row != NULL) - { - png_bytep tptr; - - tptr = png_ptr->prev_row; - png_ptr->prev_row = png_ptr->row_buf; - png_ptr->row_buf = tptr; - } -#endif /* WRITE_FILTER */ - - /* Finish row - updates counters and flushes zlib if last row */ - png_write_finish_row(png_ptr); - -#ifdef PNG_WRITE_FLUSH_SUPPORTED - png_ptr->flush_rows++; - - if (png_ptr->flush_dist > 0 && - png_ptr->flush_rows >= png_ptr->flush_dist) - { - png_write_flush(png_ptr); - } -#endif /* WRITE_FLUSH */ -} -#endif /* WRITE */
--- a/src/share/native/sun/security/ec/ECC_JNI.cpp Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/ECC_JNI.cpp Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -217,7 +217,7 @@ */ JNIEXPORT jbyteArray JNICALL Java_sun_security_ec_ECDSASignature_signDigest - (JNIEnv *env, jclass UNUSED(clazz), jbyteArray digest, jbyteArray privateKey, jbyteArray encodedParams, jbyteArray seed) + (JNIEnv *env, jclass UNUSED(clazz), jbyteArray digest, jbyteArray privateKey, jbyteArray encodedParams, jbyteArray seed, jint timing) { jbyte* pDigestBuffer = NULL; jint jDigestLength = env->GetArrayLength(digest); @@ -286,7 +286,7 @@ != SECSuccess) { #else if (ECDSA_SignDigest(&privKey, &signature_item, &digest_item, - (unsigned char *) pSeedBuffer, jSeedLength, 0) != SECSuccess) { + (unsigned char *) pSeedBuffer, jSeedLength, 0, timing) != SECSuccess) { #endif ThrowException(env, KEY_EXCEPTION); goto cleanup;
--- a/src/share/native/sun/security/ec/ecc_impl.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/ecc_impl.h Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -34,7 +34,7 @@ * Dr Vipul Gupta <vipul.gupta@sun.com> and * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories * - * Last Modified Date from the Original Code: November 2013 + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #ifndef _ECC_IMPL_H @@ -284,7 +284,7 @@ const unsigned char* random, int randomlen, int); /* This function has been modified to accept an array of random bytes */ extern SECStatus ECDSA_SignDigest(ECPrivateKey *, SECItem *, const SECItem *, - const unsigned char* random, int randomlen, int); + const unsigned char* random, int randomlen, int, int timing); extern SECStatus ECDSA_VerifyDigest(ECPublicKey *, const SECItem *, const SECItem *, int); extern SECStatus ECDH_Derive(SECItem *, ECParams *, SECItem *, boolean_t,
--- a/src/share/native/sun/security/ec/impl/ec.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ec.c Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -34,7 +34,7 @@ * Dr Vipul Gupta <vipul.gupta@sun.com> and * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories * - * Last Modified Date from the Original Code: November 2016 + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #include "mplogic.h" @@ -87,7 +87,7 @@ */ SECStatus ec_points_mul(const ECParams *params, const mp_int *k1, const mp_int *k2, - const SECItem *pointP, SECItem *pointQ, int kmflag) + const SECItem *pointP, SECItem *pointQ, int kmflag, int timing) { mp_int Px, Py, Qx, Qy; mp_int Gx, Gy, order, irreducible, a, b; @@ -199,9 +199,9 @@ goto cleanup; if ((k2 != NULL) && (pointP != NULL)) { - CHECK_MPI_OK( ECPoints_mul(group, k1, k2, &Px, &Py, &Qx, &Qy) ); + CHECK_MPI_OK( ECPoints_mul(group, k1, k2, &Px, &Py, &Qx, &Qy, timing) ); } else { - CHECK_MPI_OK( ECPoints_mul(group, k1, NULL, NULL, NULL, &Qx, &Qy) ); + CHECK_MPI_OK( ECPoints_mul(group, k1, NULL, NULL, NULL, &Qx, &Qy, timing) ); } /* Construct the SECItem representation of point Q */ @@ -332,7 +332,8 @@ CHECK_MPI_OK( mp_read_unsigned_octets(&k, key->privateValue.data, (mp_size) len) ); - rv = ec_points_mul(ecParams, &k, NULL, NULL, &(key->publicValue), kmflag); + /* key generation does not support timing mitigation */ + rv = ec_points_mul(ecParams, &k, NULL, NULL, &(key->publicValue), kmflag, /*timing*/ 0); if (rv != SECSuccess) goto cleanup; *privKey = key; @@ -609,7 +610,8 @@ } /* Multiply our private key and peer's public point */ - if ((ec_points_mul(ecParams, NULL, &k, publicValue, &pointQ, kmflag) != SECSuccess) || + /* ECDH doesn't support timing mitigation */ + if ((ec_points_mul(ecParams, NULL, &k, publicValue, &pointQ, kmflag, /*timing*/ 0) != SECSuccess) || ec_point_at_infinity(&pointQ)) goto cleanup; @@ -644,7 +646,8 @@ */ SECStatus ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, - const SECItem *digest, const unsigned char *kb, const int kblen, int kmflag) + const SECItem *digest, const unsigned char *kb, const int kblen, int kmflag, + int timing) { SECStatus rv = SECFailure; mp_int x1; @@ -714,16 +717,6 @@ } /* - * Using an equivalent exponent of fixed length (same as n or 1 bit less - * than n) to keep the kG timing relatively constant. - * - * Note that this is an extra step on top of the approach defined in - * ANSI X9.62 so as to make a fixed length K. - */ - CHECK_MPI_OK( mp_add(&k, &n, &k) ); - CHECK_MPI_OK( mp_div_2(&k, &k) ); - - /* ** ANSI X9.62, Section 5.3.2, Step 2 ** ** Compute kG @@ -731,7 +724,7 @@ kGpoint.len = 2*flen + 1; kGpoint.data = PORT_Alloc(2*flen + 1, kmflag); if ((kGpoint.data == NULL) || - (ec_points_mul(ecParams, &k, NULL, NULL, &kGpoint, kmflag) + (ec_points_mul(ecParams, &k, NULL, NULL, &kGpoint, kmflag, timing) != SECSuccess)) goto cleanup; @@ -853,7 +846,7 @@ */ SECStatus ECDSA_SignDigest(ECPrivateKey *key, SECItem *signature, const SECItem *digest, - const unsigned char* random, int randomLen, int kmflag) + const unsigned char* random, int randomLen, int kmflag, int timing) { SECStatus rv = SECFailure; int len; @@ -871,7 +864,7 @@ if (kBytes == NULL) goto cleanup; /* Generate ECDSA signature with the specified k value */ - rv = ECDSA_SignDigestWithSeed(key, signature, digest, kBytes, len, kmflag); + rv = ECDSA_SignDigestWithSeed(key, signature, digest, kBytes, len, kmflag, timing); cleanup: if (kBytes) { @@ -1017,7 +1010,8 @@ ** Here, A = u1.G B = u2.Q and C = A + B ** If the result, C, is the point at infinity, reject the signature */ - if (ec_points_mul(ecParams, &u1, &u2, &key->publicValue, &pointC, kmflag) + /* verification does not support timing mitigation */ + if (ec_points_mul(ecParams, &u1, &u2, &key->publicValue, &pointC, kmflag, /*timing*/ 0) != SECSuccess) { rv = SECFailure; goto cleanup;
--- a/src/share/native/sun/security/ec/impl/ec2.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ec2.h Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -33,6 +33,7 @@ * Contributor(s): * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories * + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #ifndef _EC2_H @@ -79,7 +80,7 @@ * determines the field GF2m. Uses Montgomery projective coordinates. */ mp_err ec_GF2m_pt_mul_mont(const mp_int *n, const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry, - const ECGroup *group); + const ECGroup *group, int timing); #ifdef ECL_ENABLE_GF2M_PROJ /* Converts a point P(px, py) from affine coordinates to projective
--- a/src/share/native/sun/security/ec/impl/ec2_aff.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ec2_aff.c Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -33,6 +33,7 @@ * Contributor(s): * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories * + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #include "ec2.h" @@ -329,7 +330,8 @@ /* 4: Verify that the order of the curve times the publicValue * is the point at infinity. */ - MP_CHECKOK( ECPoint_mul(group, &group->order, px, py, &pxt, &pyt) ); + /* timing mitigation is not supported */ + MP_CHECKOK( ECPoint_mul(group, &group->order, px, py, &pxt, &pyt, /*timing*/ 0) ); if (ec_GF2m_pt_is_inf_aff(&pxt, &pyt) != MP_YES) { res = MP_NO; goto CLEANUP;
--- a/src/share/native/sun/security/ec/impl/ec2_mont.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ec2_mont.c Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -35,6 +35,7 @@ * Stephen Fung <fungstep@hotmail.com>, and * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories. * + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #include "ec2.h" @@ -181,10 +182,12 @@ /* Computes R = nP based on algorithm 2P of Lopex, J. and Dahab, R. "Fast * multiplication on elliptic curves over GF(2^m) without * precomputation". Elliptic curve points P and R can be identical. Uses - * Montgomery projective coordinates. */ + * Montgomery projective coordinates. The timing parameter is ignored + * because this algorithm resists timing attacks by default. */ mp_err ec_GF2m_pt_mul_mont(const mp_int *n, const mp_int *px, const mp_int *py, - mp_int *rx, mp_int *ry, const ECGroup *group) + mp_int *rx, mp_int *ry, const ECGroup *group, + int timing) { mp_err res = MP_OKAY; mp_int x1, x2, z1, z2;
--- a/src/share/native/sun/security/ec/impl/ecl-priv.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ecl-priv.h Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -34,6 +34,7 @@ * Stephen Fung <fungstep@hotmail.com> and * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories * + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #ifndef _ECL_PRIV_H @@ -193,12 +194,13 @@ mp_int *ry, const ECGroup *group); mp_err (*point_mul) (const mp_int *n, const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry, - const ECGroup *group); + const ECGroup *group, int timing); mp_err (*base_point_mul) (const mp_int *n, mp_int *rx, mp_int *ry, const ECGroup *group); mp_err (*points_mul) (const mp_int *k1, const mp_int *k2, const mp_int *px, const mp_int *py, mp_int *rx, - mp_int *ry, const ECGroup *group); + mp_int *ry, const ECGroup *group, + int timing); mp_err (*validate_point) (const mp_int *px, const mp_int *py, const ECGroup *group); /* Extra storage for implementation-specific data. Any memory * allocated to these extra fields will be cleared by extra_free. */ @@ -262,10 +264,12 @@ /* point multiplication */ mp_err ec_pts_mul_basic(const mp_int *k1, const mp_int *k2, const mp_int *px, const mp_int *py, mp_int *rx, - mp_int *ry, const ECGroup *group); + mp_int *ry, const ECGroup *group, + int timing); mp_err ec_pts_mul_simul_w2(const mp_int *k1, const mp_int *k2, const mp_int *px, const mp_int *py, mp_int *rx, - mp_int *ry, const ECGroup *group); + mp_int *ry, const ECGroup *group, + int timing); /* Computes the windowed non-adjacent-form (NAF) of a scalar. Out should * be an array of signed char's to output to, bitsize should be the number
--- a/src/share/native/sun/security/ec/impl/ecl.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ecl.h Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -33,6 +33,7 @@ * Contributor(s): * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories * + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #ifndef _ECL_H @@ -70,7 +71,8 @@ * of the group of points on the elliptic curve. Input and output values * are assumed to be NOT field-encoded. */ mp_err ECPoint_mul(const ECGroup *group, const mp_int *k, const mp_int *px, - const mp_int *py, mp_int *qx, mp_int *qy); + const mp_int *py, mp_int *qx, mp_int *qy, + int timing); /* Elliptic curve scalar-point multiplication. Computes Q(x, y) = k1 * G + * k2 * P(x, y), where G is the generator (base point) of the group of @@ -78,7 +80,7 @@ * be NOT field-encoded. */ mp_err ECPoints_mul(const ECGroup *group, const mp_int *k1, const mp_int *k2, const mp_int *px, const mp_int *py, - mp_int *qx, mp_int *qy); + mp_int *qx, mp_int *qy, int timing); /* Validates an EC public key as described in Section 5.2.2 of X9.62. * Returns MP_YES if the public key is valid, MP_NO if the public key
--- a/src/share/native/sun/security/ec/impl/ecl_mult.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ecl_mult.c Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -49,7 +49,8 @@ * are assumed to be NOT field-encoded. */ mp_err ECPoint_mul(const ECGroup *group, const mp_int *k, const mp_int *px, - const mp_int *py, mp_int *rx, mp_int *ry) + const mp_int *py, mp_int *rx, mp_int *ry, + int timing) { mp_err res = MP_OKAY; mp_int kt; @@ -74,15 +75,15 @@ } else { MP_CHECKOK(group-> point_mul(&kt, &group->genx, &group->geny, rx, ry, - group)); + group, timing)); } } else { if (group->meth->field_enc) { MP_CHECKOK(group->meth->field_enc(px, rx, group->meth)); MP_CHECKOK(group->meth->field_enc(py, ry, group->meth)); - MP_CHECKOK(group->point_mul(&kt, rx, ry, rx, ry, group)); + MP_CHECKOK(group->point_mul(&kt, rx, ry, rx, ry, group, timing)); } else { - MP_CHECKOK(group->point_mul(&kt, px, py, rx, ry, group)); + MP_CHECKOK(group->point_mul(&kt, px, py, rx, ry, group, timing)); } } if (group->meth->field_dec) { @@ -104,7 +105,7 @@ mp_err ec_pts_mul_basic(const mp_int *k1, const mp_int *k2, const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry, - const ECGroup *group) + const ECGroup *group, int timing) { mp_err res = MP_OKAY; mp_int sx, sy; @@ -116,9 +117,9 @@ /* if some arguments are not defined used ECPoint_mul */ if (k1 == NULL) { - return ECPoint_mul(group, k2, px, py, rx, ry); + return ECPoint_mul(group, k2, px, py, rx, ry, timing); } else if ((k2 == NULL) || (px == NULL) || (py == NULL)) { - return ECPoint_mul(group, k1, NULL, NULL, rx, ry); + return ECPoint_mul(group, k1, NULL, NULL, rx, ry, timing); } MP_DIGITS(&sx) = 0; @@ -126,8 +127,8 @@ MP_CHECKOK(mp_init(&sx, FLAG(k1))); MP_CHECKOK(mp_init(&sy, FLAG(k1))); - MP_CHECKOK(ECPoint_mul(group, k1, NULL, NULL, &sx, &sy)); - MP_CHECKOK(ECPoint_mul(group, k2, px, py, rx, ry)); + MP_CHECKOK(ECPoint_mul(group, k1, NULL, NULL, &sx, &sy, timing)); + MP_CHECKOK(ECPoint_mul(group, k2, px, py, rx, ry, timing)); if (group->meth->field_enc) { MP_CHECKOK(group->meth->field_enc(&sx, &sx, group->meth)); @@ -159,7 +160,7 @@ mp_err ec_pts_mul_simul_w2(const mp_int *k1, const mp_int *k2, const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry, - const ECGroup *group) + const ECGroup *group, int timing) { mp_err res = MP_OKAY; mp_int precomp[4][4][2]; @@ -174,9 +175,9 @@ /* if some arguments are not defined used ECPoint_mul */ if (k1 == NULL) { - return ECPoint_mul(group, k2, px, py, rx, ry); + return ECPoint_mul(group, k2, px, py, rx, ry, timing); } else if ((k2 == NULL) || (px == NULL) || (py == NULL)) { - return ECPoint_mul(group, k1, NULL, NULL, rx, ry); + return ECPoint_mul(group, k1, NULL, NULL, rx, ry, timing); } /* initialize precomputation table */ @@ -308,7 +309,8 @@ * Input and output values are assumed to be NOT field-encoded. */ mp_err ECPoints_mul(const ECGroup *group, const mp_int *k1, const mp_int *k2, - const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry) + const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry, + int timing) { mp_err res = MP_OKAY; mp_int k1t, k2t; @@ -345,9 +347,9 @@ /* if points_mul is defined, then use it */ if (group->points_mul) { - res = group->points_mul(k1p, k2p, px, py, rx, ry, group); + res = group->points_mul(k1p, k2p, px, py, rx, ry, group, timing); } else { - res = ec_pts_mul_simul_w2(k1p, k2p, px, py, rx, ry, group); + res = ec_pts_mul_simul_w2(k1p, k2p, px, py, rx, ry, group, timing); } CLEANUP:
--- a/src/share/native/sun/security/ec/impl/ecp.h Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ecp.h Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -33,6 +33,7 @@ * Contributor(s): * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories * + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #ifndef _ECP_H @@ -122,7 +123,7 @@ mp_err ec_GFp_pts_mul_jac(const mp_int *k1, const mp_int *k2, const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry, - const ECGroup *group); + const ECGroup *group, int timing); /* Computes R = nP where R is (rx, ry) and P is the base point. Elliptic * curve points P and R can be identical. Uses mixed Modified-Jacobian @@ -131,9 +132,13 @@ * returns output that is still field-encoded. Uses 5-bit window NAF * method (algorithm 11) for scalar-point multiplication from Brown, * Hankerson, Lopez, Menezes. Software Implementation of the NIST Elliptic - * Curves Over Prime Fields. */ + * Curves Over Prime Fields. The implementation includes a countermeasure + * that attempts to hide the size of n from timing channels. This counter- + * measure is enabled using the timing argument. The high-rder bits of timing + * must be uniformly random in order for this countermeasure to work. */ mp_err ec_GFp_pt_mul_jm_wNAF(const mp_int *n, const mp_int *px, const mp_int *py, - mp_int *rx, mp_int *ry, const ECGroup *group); + mp_int *rx, mp_int *ry, const ECGroup *group, + int timing); #endif /* _ECP_H */
--- a/src/share/native/sun/security/ec/impl/ecp_aff.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ecp_aff.c Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -38,6 +38,7 @@ * Nils Larsch <nla@trustcenter.de>, and * Lenka Fibikova <fibikova@exp-math.uni-essen.de>, the OpenSSL Project * + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #include "ecp.h" @@ -340,7 +341,8 @@ /* 4: Verify that the order of the curve times the publicValue * is the point at infinity. */ - MP_CHECKOK( ECPoint_mul(group, &group->order, px, py, &pxt, &pyt) ); + /* timing mitigation is not supported */ + MP_CHECKOK( ECPoint_mul(group, &group->order, px, py, &pxt, &pyt, /*timing*/ 0) ); if (ec_GFp_pt_is_inf_aff(&pxt, &pyt) != MP_YES) { res = MP_NO; goto CLEANUP;
--- a/src/share/native/sun/security/ec/impl/ecp_jac.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ecp_jac.c Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -38,6 +38,7 @@ * Nils Larsch <nla@trustcenter.de>, and * Lenka Fibikova <fibikova@exp-math.uni-essen.de>, the OpenSSL Project * + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #include "ecp.h" @@ -180,6 +181,15 @@ MP_CHECKOK(group->meth->field_mul(&A, qx, &A, group->meth)); MP_CHECKOK(group->meth->field_mul(&B, qy, &B, group->meth)); + /* + * Additional checks for point equality and point at infinity + */ + if (mp_cmp(px, &A) == 0 && mp_cmp(py, &B) == 0) { + /* POINT_DOUBLE(P) */ + MP_CHECKOK(ec_GFp_pt_dbl_jac(px, py, pz, rx, ry, rz, group)); + goto CLEANUP; + } + /* C = A - px, D = B - py */ MP_CHECKOK(group->meth->field_sub(&A, px, &C, group->meth)); MP_CHECKOK(group->meth->field_sub(&B, py, &D, group->meth)); @@ -406,7 +416,7 @@ mp_err ec_GFp_pts_mul_jac(const mp_int *k1, const mp_int *k2, const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry, - const ECGroup *group) + const ECGroup *group, int timing) { mp_err res = MP_OKAY; mp_int precomp[4][4][2]; @@ -430,9 +440,9 @@ /* if some arguments are not defined used ECPoint_mul */ if (k1 == NULL) { - return ECPoint_mul(group, k2, px, py, rx, ry); + return ECPoint_mul(group, k2, px, py, rx, ry, timing); } else if ((k2 == NULL) || (px == NULL) || (py == NULL)) { - return ECPoint_mul(group, k1, NULL, NULL, rx, ry); + return ECPoint_mul(group, k1, NULL, NULL, rx, ry, timing); } /* initialize precomputation table */
--- a/src/share/native/sun/security/ec/impl/ecp_jm.c Tue Jul 11 03:45:17 2017 +0100 +++ b/src/share/native/sun/security/ec/impl/ecp_jm.c Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -33,6 +33,7 @@ * Contributor(s): * Stephen Fung <fungstep@hotmail.com>, Sun Microsystems Laboratories * + * Last Modified Date from the Original Code: May 2017 *********************************************************************** */ #include "ecp.h" @@ -165,6 +166,16 @@ MP_CHECKOK(group->meth->field_mul(A, qx, A, group->meth)); MP_CHECKOK(group->meth->field_mul(B, qy, B, group->meth)); + /* + * Additional checks for point equality and point at infinity + */ + if (mp_cmp(px, A) == 0 && mp_cmp(py, B) == 0) { + /* POINT_DOUBLE(P) */ + MP_CHECKOK(ec_GFp_pt_dbl_jm(px, py, pz, paz4, rx, ry, rz, raz4, + scratch, group)); + goto CLEANUP; + } + /* C = A - px, D = B - py */ MP_CHECKOK(group->meth->field_sub(A, px, C, group->meth)); MP_CHECKOK(group->meth->field_sub(B, py, D, group->meth)); @@ -213,19 +224,23 @@ * Curves Over Prime Fields. */ mp_err ec_GFp_pt_mul_jm_wNAF(const mp_int *n, const mp_int *px, const mp_int *py, - mp_int *rx, mp_int *ry, const ECGroup *group) + mp_int *rx, mp_int *ry, const ECGroup *group, + int timing) { mp_err res = MP_OKAY; - mp_int precomp[16][2], rz, tpx, tpy; - mp_int raz4; + mp_int precomp[16][2], rz, tpx, tpy, tpz; + mp_int raz4, tpaz4; mp_int scratch[MAX_SCRATCH]; signed char *naf = NULL; int i, orderBitSize; + int numDoubles, numAdds, extraDoubles, extraAdds; MP_DIGITS(&rz) = 0; MP_DIGITS(&raz4) = 0; MP_DIGITS(&tpx) = 0; MP_DIGITS(&tpy) = 0; + MP_DIGITS(&tpz) = 0; + MP_DIGITS(&tpaz4) = 0; for (i = 0; i < 16; i++) { MP_DIGITS(&precomp[i][0]) = 0; MP_DIGITS(&precomp[i][1]) = 0; @@ -239,7 +254,9 @@ /* initialize precomputation table */ MP_CHECKOK(mp_init(&tpx, FLAG(n))); - MP_CHECKOK(mp_init(&tpy, FLAG(n)));; + MP_CHECKOK(mp_init(&tpy, FLAG(n))); + MP_CHECKOK(mp_init(&tpz, FLAG(n))); + MP_CHECKOK(mp_init(&tpaz4, FLAG(n))); MP_CHECKOK(mp_init(&rz, FLAG(n))); MP_CHECKOK(mp_init(&raz4, FLAG(n))); @@ -295,19 +312,64 @@ /* Compute 5NAF */ ec_compute_wNAF(naf, orderBitSize, n, 5); + numAdds = 0; + numDoubles = orderBitSize; /* wNAF method */ for (i = orderBitSize; i >= 0; i--) { + + if (ec_GFp_pt_is_inf_jac(rx, ry, &rz) == MP_YES) { + numDoubles--; + } + /* R = 2R */ ec_GFp_pt_dbl_jm(rx, ry, &rz, &raz4, rx, ry, &rz, &raz4, scratch, group); + if (naf[i] != 0) { ec_GFp_pt_add_jm_aff(rx, ry, &rz, &raz4, &precomp[(naf[i] + 15) / 2][0], &precomp[(naf[i] + 15) / 2][1], rx, ry, &rz, &raz4, scratch, group); + numAdds++; } } + /* extra operations to make timing less dependent on secrets */ + if (timing) { + /* low-order bit of timing argument contains no entropy */ + timing >>= 1; + + MP_CHECKOK(ec_GFp_pt_set_inf_jac(&tpx, &tpy, &tpz)); + mp_zero(&tpaz4); + + /* Set the temp value to a non-infinite point */ + ec_GFp_pt_add_jm_aff(&tpx, &tpy, &tpz, &tpaz4, + &precomp[8][0], + &precomp[8][1], &tpx, &tpy, + &tpz, &tpaz4, scratch, group); + + /* two bits of extra adds */ + extraAdds = timing & 0x3; + timing >>= 2; + /* Window size is 5, so the maximum number of additions is ceil(orderBitSize/5) */ + /* This is the same as (orderBitSize + 4) / 5 */ + for(i = numAdds; i <= (orderBitSize + 4) / 5 + extraAdds; i++) { + ec_GFp_pt_add_jm_aff(&tpx, &tpy, &tpz, &tpaz4, + &precomp[9 + (i % 3)][0], + &precomp[9 + (i % 3)][1], &tpx, &tpy, + &tpz, &tpaz4, scratch, group); + } + + /* two bits of extra doubles */ + extraDoubles = timing & 0x3; + timing >>= 2; + for(i = numDoubles; i <= orderBitSize + extraDoubles; i++) { + ec_GFp_pt_dbl_jm(&tpx, &tpy, &tpz, &tpaz4, &tpx, &tpy, &tpz, + &tpaz4, scratch, group); + } + + } + /* convert result S to affine coordinates */ MP_CHECKOK(ec_GFp_pt_jac2aff(rx, ry, &rz, rx, ry, group)); @@ -321,6 +383,8 @@ } mp_clear(&tpx); mp_clear(&tpy); + mp_clear(&tpz); + mp_clear(&tpaz4); mp_clear(&rz); mp_clear(&raz4); #ifdef _KERNEL
--- a/src/windows/native/sun/windows/ShellFolder2.cpp Tue Jul 11 03:45:17 2017 +0100 +++ b/src/windows/native/sun/windows/ShellFolder2.cpp Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -192,14 +192,19 @@ static jstring jstringFromSTRRET(JNIEnv* env, LPITEMIDLIST pidl, STRRET* pStrret) { switch (pStrret->uType) { case STRRET_CSTR : - return JNU_NewStringPlatform(env, reinterpret_cast<const char*>(pStrret->cStr)); + if (pStrret->cStr != NULL) { + return JNU_NewStringPlatform(env, reinterpret_cast<const char*>(pStrret->cStr)); + } + break; case STRRET_OFFSET : // Note : this may need to be WCHAR instead return JNU_NewStringPlatform(env, (CHAR*)pidl + pStrret->uOffset); case STRRET_WSTR : - return env->NewString(reinterpret_cast<const jchar*>(pStrret->pOleStr), - static_cast<jsize>(wcslen(pStrret->pOleStr))); + if (pStrret->pOleStr != NULL) { + return env->NewString(reinterpret_cast<const jchar*>(pStrret->pOleStr), + static_cast<jsize>(wcslen(pStrret->pOleStr))); + } } return NULL; }
--- a/test/ProblemList.txt Tue Jul 11 03:45:17 2017 +0100 +++ b/test/ProblemList.txt Wed Jul 19 05:41:28 2017 +0100 @@ -240,6 +240,9 @@ # 8158827 sun/security/krb5/auto/tools/KinitConfPlusProps.java windows-all +# 8160071 ClientJSSEServerJSSE.java test failure +sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java linux-all + ############################################################################ # jdk_sound
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/com/sun/java/swing/plaf/windows/Test8173145.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,123 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* @test + @bug 8173145 + @summary Menu is activated after using mnemonic Alt/Key combination + @modules java.desktop/com.sun.java.swing.plaf.windows + @run main Test8173145 +*/ + +import java.awt.*; +import java.awt.event.KeyEvent; +import java.lang.reflect.InvocationTargetException; + +import javax.swing.*; + +public class Test8173145 { + + private volatile static JButton btn; + private volatile static boolean uiCreated; + + public static void main(String[] args) throws InvocationTargetException, InterruptedException, AWTException { + SwingUtilities.invokeAndWait(new Runnable() { + @Override + public void run() { + try { + uiCreated = createGUI(); + } catch (Exception e) { + e.printStackTrace(); + } + } + }); + + if (uiCreated) { + test(); + } else { + //no windows l&f, skip the test + } + } + + private static void test() { + final Robot robot; + try { + robot = new Robot(); + } catch (AWTException e) { + throw new RuntimeException(e); + } + robot.setAutoDelay(100); + robot.waitForIdle(); + + robot.keyPress(KeyEvent.VK_ALT); + robot.keyPress(KeyEvent.VK_M); + robot.keyRelease(KeyEvent.VK_M); + robot.keyRelease(KeyEvent.VK_ALT); + + Component focusOwner = KeyboardFocusManager.getCurrentKeyboardFocusManager().getFocusOwner(); + + if (focusOwner != btn) { + throw new RuntimeException("Wrong focus owner"); + } + } + + private static boolean createGUI() { + try { + UIManager.setLookAndFeel("com.sun.java.swing.plaf.windows.WindowsLookAndFeel"); + } catch (Exception e) { + return false; + } + JFrame f = new JFrame(); + + JPanel panel = new JPanel(); + btn = new JButton("Mmmmm"); + btn.setMnemonic(KeyEvent.VK_M); + btn.setDisplayedMnemonicIndex(0); + panel.add(btn); + + JTextField tf = new JTextField(); + tf.setColumns(10); + panel.add(tf); + + f.setJMenuBar(getMenuBar()); + f.add(panel); + f.pack(); + f.setVisible(true); + tf.requestFocus(); + return true; + } + + static JMenuBar getMenuBar() { + JMenuBar menuBar; + JMenu menu; + + menuBar = new JMenuBar(); + + menu = new JMenu("Menu"); + menuBar.add(menu); + + JMenuItem mi = new JMenuItem("test"); + menu.add(mi); + + return menuBar; + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/java/awt/print/PrinterJob/PrintCrashTest.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,77 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8163889 + * @summary Printing crashes on OSX. + * @run main PrintCrashTest + */ + +import javax.print.attribute.HashPrintRequestAttributeSet; +import javax.print.attribute.standard.Destination; + +import java.awt.GraphicsEnvironment; +import java.awt.Rectangle; +import java.awt.Shape; +import java.awt.Transparency; +import java.awt.image.BufferedImage; +import java.awt.print.Printable; +import java.awt.print.PrinterJob; + +import java.io.File; + +public class PrintCrashTest { + public static void main(String[] args) throws Exception { + PrinterJob printerJob = PrinterJob.getPrinterJob(); + printerJob.setPrintable((graphics, pageFormat, pageIndex) -> { + if (pageIndex != 0) { + return Printable.NO_SUCH_PAGE; + } else { + Shape shape = new Rectangle(110, 110, 10, 10); + Rectangle rect = shape.getBounds(); + + BufferedImage image = GraphicsEnvironment.getLocalGraphicsEnvironment().getDefaultScreenDevice() + .getDefaultConfiguration().createCompatibleImage(rect.width, rect.height, Transparency.BITMASK); + graphics.drawImage(image, rect.x, rect.y, rect.width, rect.height, null); + + return Printable.PAGE_EXISTS; + } + }); + + File file = null; + try { + HashPrintRequestAttributeSet hashPrintRequestAttributeSet = new HashPrintRequestAttributeSet(); + file = File.createTempFile("out", "ps"); + file.deleteOnExit(); + Destination destination = new Destination(file.toURI()); + hashPrintRequestAttributeSet.add(destination); + printerJob.print(hashPrintRequestAttributeSet); + } finally { + if (file != null) { + file.delete(); + } + } + } +} +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/java/lang/invoke/PermuteArgsReturnVoidTest.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* @test + * @bug 8184119 + * @summary test permutation when return value is directly derived from an argument + * @run testng/othervm test.java.lang.invoke.PermuteArgsReturnVoidTest + */ + + +package test.java.lang.invoke; + +import org.testng.Assert; +import org.testng.annotations.Test; + +import java.lang.invoke.MethodHandle; +import java.lang.invoke.MethodHandles; +import java.lang.invoke.MethodType; + +import static java.lang.invoke.MethodHandles.dropArguments; +import static java.lang.invoke.MethodHandles.identity; + +public class PermuteArgsReturnVoidTest { + + static String consumeIdentity(String s, int i1, int i2) { + return s; + } + + static void consumeVoid(String s, int i1, int i2) { + } + + @Test + public void testReturnOnStack() throws Throwable { + MethodHandles.Lookup l = MethodHandles.lookup(); + + MethodHandle consumeIdentity = l.findStatic( + PermuteArgsReturnVoidTest.class, "consumeIdentity", + MethodType.methodType(String.class, String.class, int.class, int.class)); + MethodHandle consumeVoid = l.findStatic( + PermuteArgsReturnVoidTest.class, "consumeVoid", + MethodType.methodType(void.class, String.class, int.class, int.class)); + + MethodHandle f = MethodHandles.foldArguments(consumeIdentity, consumeVoid); + + MethodHandle p = MethodHandles.permuteArguments(f, MethodType.methodType(String.class, String.class, int.class, int.class), 0, 2, 1); + + String s = (String) p.invoke("IN", 0, 0); + Assert.assertEquals(s.getClass(), String.class); + Assert.assertEquals(s, "IN"); + } + + @Test + public void testReturnFromArg() throws Throwable { + MethodHandles.Lookup l = MethodHandles.lookup(); + + MethodHandle consumeIdentity = dropArguments( + identity(String.class), 1, int.class, int.class); + MethodHandle consumeVoid = l.findStatic( + PermuteArgsReturnVoidTest.class, "consumeVoid", + MethodType.methodType(void.class, String.class, int.class, int.class)); + + MethodHandle f = MethodHandles.foldArguments(consumeIdentity, consumeVoid); + + MethodHandle p = MethodHandles.permuteArguments(f, MethodType.methodType(String.class, String.class, int.class, int.class), 0, 2, 1); + + String s = (String) p.invoke("IN", 0, 0); + Assert.assertEquals(s.getClass(), String.class); + Assert.assertEquals(s, "IN"); + } +} +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/java/rmi/activation/nonLocalActivation/NonLocalActivationTest.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,190 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.net.InetAddress; +import java.rmi.AccessException; +import java.rmi.activation.ActivationSystem; +import java.rmi.registry.LocateRegistry; +import java.rmi.registry.Registry; +import java.util.Set; +import java.util.HashSet; + +/* + * @test + * @bug 8174770 + * @summary Verify that ActivationSystem rejects non-local access. + * The test is manual because the (non-local) host running rmid must be supplied as a property. + * @run main/manual/othervm -Dactivation.host=rmid-host NonLocalActivationTest + */ + +/** + * Lookup the ActivationSystem on a different host and invoke its remote interface methods. + * They should all throw an exception, non-local access is prohibited. + * + * This test is a manual test and uses rmid running on a *different* host. + * The default port (1098) for the Activation System is ok and expected. + * Login or ssh to the different host and invoke {@code $JDK_HOME/bin/rmid}. + * It will not show any output. + * + * On the first host modify the @run command above to replace "rmid-host" + * with the hostname or IP address of the different host and run the test with jtreg. + */ +public class NonLocalActivationTest +{ + public static void main(String[] args) throws Exception { + + String host = System.getProperty("activation.host"); + if (host == null || host.isEmpty()) { + throw new RuntimeException("Specify host with system property: -Dactivation.host=<host>"); + } + + // Check if running the test on a local system; it only applies to remote + String myHostName = InetAddress.getLocalHost().getHostName(); + Set<InetAddress> myAddrs = new HashSet<>(); + InetAddress[] myAddrsArr = InetAddress.getAllByName(myHostName); + for (InetAddress a : myAddrsArr) { + myAddrs.add(a); + } + Set<InetAddress> hostAddrs = new HashSet<>(); + InetAddress[] hostAddrsArr = InetAddress.getAllByName(host); + for (InetAddress a : hostAddrsArr) { + hostAddrs.add(a); + } + if (hostAddrs.stream().anyMatch(i -> myAddrs.contains(i)) + || hostAddrs.stream().anyMatch(h -> h.isLoopbackAddress())) { + throw new RuntimeException("Error: property 'activation.host' must not be the local host%n"); + } + + // Locate the registry operated by the ActivationSystem + // Test SystemRegistryImpl + Registry registry = LocateRegistry.getRegistry(host, ActivationSystem.SYSTEM_PORT); + try { + // Verify it is an ActivationSystem registry + registry.lookup("java.rmi.activation.ActivationSystem"); + } catch (Exception nf) { + throw new RuntimeException("Not a ActivationSystem registry, does not contain java.rmi.activation.ActivationSystem", nf); + } + + try { + registry.bind("foo", null); + throw new RuntimeException("Remote access should not succeed for method: bind"); + } catch (Exception e) { + assertIsAccessException(e, "Registry.bind"); + } + + try { + registry.rebind("foo", null); + throw new RuntimeException("Remote access should not succeed for method: rebind"); + } catch (Exception e) { + assertIsAccessException(e, "Registry.rebind"); + } + + try { + registry.unbind("foo"); + throw new RuntimeException("Remote access should not succeed for method: unbind"); + } catch (Exception e) { + assertIsAccessException(e, "Registry.unbind"); + } + + + // Locate the ActivationSystem on the specified host and default port. + // Test each of the ActivationSystem methods + ActivationSystem as = (ActivationSystem) registry.lookup("java.rmi.activation.ActivationSystem"); + + // Argument is not material, access check is before arg processing + + try { + as.registerGroup(null); + } catch (Exception aex) { + assertIsAccessException(aex, "ActivationSystem.nonLocalAccess"); + } + + try { + as.getActivationDesc(null); + } catch (Exception aex) { + assertIsAccessException(aex, "ActivationSystem.nonLocalAccess"); + } + + try { + as.getActivationGroupDesc(null); + } catch (Exception aex) { + assertIsAccessException(aex, "ActivationSystem.nonLocalAccess"); + } + + try { + as.registerObject(null); + } catch (Exception aex) { + assertIsAccessException(aex, "ActivationSystem.nonLocalAccess"); + } + + try { + as.unregisterGroup(null); + } catch (Exception aex) { + assertIsAccessException(aex, "ActivationSystem.nonLocalAccess"); + } + + try { + as.unregisterObject(null); + } catch (Exception aex) { + assertIsAccessException(aex, "ActivationSystem.nonLocalAccess"); + } + + try { + as.setActivationDesc(null, null); + } catch (Exception aex) { + assertIsAccessException(aex, "ActivationSystem.nonLocalAccess"); + } + + try { + as.setActivationGroupDesc(null, null); + } catch (Exception aex) { + assertIsAccessException(aex, "ActivationSystem.nonLocalAccess"); + } + } + + /** + * Check the exception chain for the expected AccessException and message. + * @param ex the exception from the remote invocation. + */ + private static void assertIsAccessException(Exception ex, String msg1) { + Throwable t = ex; + System.out.println(); + while (!(t instanceof AccessException) && t.getCause() != null) { + t = t.getCause(); + } + if (t instanceof AccessException) { + String msg = t.getMessage(); + int asIndex = msg.indexOf(msg1); + int disallowIndex = msg.indexOf("disallowed"); + int nonLocalHostIndex = msg.indexOf("non-local host"); + if (asIndex < 0 || + disallowIndex < 0 || + nonLocalHostIndex < 0 ) { + throw new RuntimeException("exception message is malformed", t); + } + System.out.printf("Found expected AccessException: %s%n", t); + } else { + throw new RuntimeException("AccessException did not occur", ex); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/java/rmi/registry/nonLocalRegistry/NonLocalRegistryTest.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,129 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.net.InetAddress; +import java.rmi.AccessException; +import java.rmi.registry.LocateRegistry; +import java.rmi.registry.Registry; +import java.util.Set; +import java.util.HashSet; + +/* @test + * @bug 8174770 + * @summary Verify that Registry rejects non-local access for bind, unbind, rebind. + * The test is manual because the (non-local) host running rmiregistry must be supplied as a property. + * @run main/othervm/manual -Dregistry.host=rmi-registry-host NonLocalRegistryTest + */ + +/** + * Verify that access checks for Registry.bind(), .rebind(), and .unbind() + * are prevented on remote access to the registry. + * + * This test is a manual test and uses a standard rmiregistry running + * on a *different* host. + * The test verifies that the access check is performed *before* the object to be + * bound or rebound is deserialized. + * + * Login or ssh to the different host and invoke {@code $JDK_HOME/bin/rmiregistry}. + * It will not show any output. + * + * On the first host modify the @run command above to replace "rmi-registry-host" + * with the hostname or IP address of the different host and run the test with jtreg. + */ +public class NonLocalRegistryTest { + + public static void main(String[] args) throws Exception { + + String host = System.getProperty("registry.host"); + if (host == null || host.isEmpty()) { + throw new RuntimeException("Specify host with system property: -Dregistry.host=<host>"); + } + + // Check if running the test on a local system; it only applies to remote + String myHostName = InetAddress.getLocalHost().getHostName(); + Set<InetAddress> myAddrs = new HashSet<>(); + InetAddress[] myAddrsArr = InetAddress.getAllByName(myHostName); + for (InetAddress a : myAddrsArr) { + myAddrs.add(a); + } + Set<InetAddress> hostAddrs = new HashSet<>(); + InetAddress[] hostAddrsArr = InetAddress.getAllByName(host); + for (InetAddress a : hostAddrsArr) { + hostAddrs.add(a); + } + if (hostAddrs.stream().anyMatch(i -> myAddrs.contains(i)) + || hostAddrs.stream().anyMatch(h -> h.isLoopbackAddress())) { + throw new RuntimeException("Error: property 'registry.host' must not be the local host%n"); + } + + Registry registry = LocateRegistry.getRegistry(host, Registry.REGISTRY_PORT); + + try { + registry.bind("foo", null); + throw new RuntimeException("Remote access should not succeed for method: bind"); + } catch (Exception e) { + assertIsAccessException(e); + } + + try { + registry.rebind("foo", null); + throw new RuntimeException("Remote access should not succeed for method: rebind"); + } catch (Exception e) { + assertIsAccessException(e); + } + + try { + registry.unbind("foo"); + throw new RuntimeException("Remote access should not succeed for method: unbind"); + } catch (Exception e) { + assertIsAccessException(e); + } + } + + /** + * Check the exception chain for the expected AccessException and message. + * @param ex the exception from the remote invocation. + */ + private static void assertIsAccessException(Throwable ex) { + Throwable t = ex; + while (!(t instanceof AccessException) && t.getCause() != null) { + t = t.getCause(); + } + if (t instanceof AccessException) { + String msg = t.getMessage(); + int asIndex = msg.indexOf("Registry"); + int rrIndex = msg.indexOf("Registry.Registry"); // Obsolete error text + int disallowIndex = msg.indexOf("disallowed"); + int nonLocalHostIndex = msg.indexOf("non-local host"); + if (asIndex < 0 || + rrIndex != -1 || + disallowIndex < 0 || + nonLocalHostIndex < 0 ) { + throw new RuntimeException("exception message is malformed", t); + } + System.out.printf("Found expected AccessException: %s%n%n", t); + } else { + throw new RuntimeException("AccessException did not occur when expected", ex); + } + } +}
--- a/test/java/rmi/registry/serialFilter/RegistryFilterTest.java Tue Jul 11 03:45:17 2017 +0100 +++ b/test/java/rmi/registry/serialFilter/RegistryFilterTest.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,24 +21,18 @@ * questions. */ -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; import java.io.IOException; -import java.io.ObjectOutputStream; import java.io.Serializable; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; +import java.rmi.AlreadyBoundException; import java.rmi.MarshalledObject; import java.rmi.NotBoundException; import java.rmi.Remote; import java.rmi.RemoteException; -import java.rmi.AlreadyBoundException; import java.rmi.registry.LocateRegistry; import java.rmi.registry.Registry; +import java.security.Security; import java.util.Objects; -import java.security.Security; import org.testng.Assert; import org.testng.TestNG; @@ -57,7 +51,8 @@ * @summary Test filters for the RMI Registry * @run testng/othervm RegistryFilterTest * @run testng/othervm - * -Dsun.rmi.registry.registryFilter=!java.lang.Long;!RegistryFilterTest$RejectableClass + * -Dsun.rmi.registry.registryFilter=!java.lang.Long;!RegistryFilterTest$RejectableClass;maxdepth=19 + * -Dtest.maxdepth=19 * RegistryFilterTest * @run testng/othervm/policy=security.policy * -Djava.security.properties=${test.src}/java.security-extra1 @@ -68,6 +63,8 @@ private static int port; private static Registry registry; + static final int REGISTRY_MAX_DEPTH = 20; + static final int REGISTRY_MAX_ARRAY = 10000; static final String registryFilter = @@ -125,7 +122,7 @@ /* - * Test registry rejects an object with the max array size + 1. + * Test registry rejects an object with the max array size + 1. */ @Test(dataProvider="bindData") public void simpleBind(String name, Remote obj, boolean blacklisted) throws RemoteException, AlreadyBoundException, NotBoundException { @@ -139,9 +136,9 @@ } /* - * Test registry rejects an object with a well known class - * if blacklisted in the security properties. - */ + * Test registry rejects an object with a well known class + * if blacklisted in the security properties. + */ @Test public void simpleRejectableClass() throws RemoteException, AlreadyBoundException, NotBoundException { RejectableClass r1 = null; @@ -150,9 +147,46 @@ r1 = new RejectableClass(); registry.bind(name, r1); registry.unbind(name); - Assert.assertNull(registryFilter, "Registry filter should not have rejected"); + Assert.assertNull(registryFilter, "Registry filter should have rejected"); + } catch (Exception rex) { + Assert.assertNotNull(registryFilter, "Registry filter should not have rejected"); + } + } + + /* + * Test registry does not reject an object with depth at the built-in limit. + */ + @Test + public void simpleDepthBuiltinNonRejectable() throws RemoteException, AlreadyBoundException, NotBoundException { + int depthOverride = Integer.getInteger("test.maxdepth", REGISTRY_MAX_DEPTH); + depthOverride = Math.min(depthOverride, REGISTRY_MAX_DEPTH); + System.out.printf("overrideDepth: %d, filter: %s%n", depthOverride, registryFilter); + try { + String name = "reject2"; + DepthRejectableClass r1 = DepthRejectableClass.create(depthOverride); + registry.bind(name, r1); + registry.unbind(name); } catch (Exception rex) { - Assert.assertNotNull(registryFilter, "Registry filter should have rejected"); + Assert.fail("Registry filter should not have rejected depth: " + + depthOverride); + } + } + + /* + * Test registry rejects an object with depth at the limit + 1. + */ + @Test + public void simpleDepthRejectable() throws RemoteException, AlreadyBoundException, NotBoundException { + int depthOverride = Integer.getInteger("test.maxdepth", REGISTRY_MAX_DEPTH); + depthOverride = Math.min(depthOverride, REGISTRY_MAX_DEPTH); + System.out.printf("overrideDepth: %d, filter: %s%n", depthOverride, registryFilter); + try { + String name = "reject3"; + DepthRejectableClass r1 = DepthRejectableClass.create(depthOverride + 1); + registry.bind(name, r1); + Assert.fail("Registry filter should have rejected depth: " + depthOverride + 1); + } catch (Exception rex) { + // Rejection expected } } @@ -173,6 +207,7 @@ return super.toString() + "//" + Objects.toString(obj); } } + /** * A simple Serializable Remote object that is passed by value. * It and its contents are checked by the Registry serial filter. @@ -183,4 +218,25 @@ RejectableClass() {} } + /** + * A simple Serializable Remote object that is passed by value. + * It and its contents are checked by the Registry serial filter. + */ + static class DepthRejectableClass implements Serializable, Remote { + private static final long serialVersionUID = 362498820763181264L; + private final DepthRejectableClass next; + + private DepthRejectableClass(DepthRejectableClass next) { + this.next = next; + } + + static DepthRejectableClass create(int depth) { + DepthRejectableClass next = new DepthRejectableClass(null); + for (int i = 1; i < depth; i++) { + next = new DepthRejectableClass(next); + } + return next; + } + } + }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/java/rmi/testlibrary/TestSocketFactory.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,570 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.ByteArrayOutputStream; +import java.io.FilterInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.io.Serializable; +import java.net.InetAddress; +import java.net.ServerSocket; +import java.net.Socket; +import java.net.SocketAddress; +import java.net.SocketException; +import java.net.SocketOption; +import java.nio.channels.ServerSocketChannel; +import java.nio.channels.SocketChannel; +import java.rmi.server.RMIClientSocketFactory; +import java.rmi.server.RMIServerSocketFactory; +import java.rmi.server.RMISocketFactory; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.Objects; +import java.util.Set; + +import org.testng.Assert; +import org.testng.TestNG; +import org.testng.annotations.Test; +import org.testng.annotations.DataProvider; + + +/** + * A RMISocketFactory utility factory to log RMI stream contents and to + * match and replace output stream contents to simulate failures. + */ +public class TestSocketFactory extends RMISocketFactory + implements RMIClientSocketFactory, RMIServerSocketFactory, Serializable { + + private static final long serialVersionUID = 1L; + + private volatile transient byte[] matchBytes; + + private volatile transient byte[] replaceBytes; + + private transient final List<InterposeSocket> sockets = new ArrayList<>(); + + private transient final List<InterposeServerSocket> serverSockets = new ArrayList<>(); + + public static final boolean DEBUG = false; + + /** + * Debugging output can be synchronized with logging of RMI actions. + * + * @param format a printf format + * @param args any args + */ + private static void DEBUG(String format, Object... args) { + if (DEBUG) { + System.err.printf(format, args); + } + } + + /** + * Create a socket factory that creates InputStreams that log + * and OutputStreams that log . + */ + public TestSocketFactory() { + this.matchBytes = new byte[0]; + this.replaceBytes = this.matchBytes; + System.out.printf("Creating TestSocketFactory()%n"); + } + + public void setMatchReplaceBytes(byte[] matchBytes, byte[] replaceBytes) { + this.matchBytes = Objects.requireNonNull(matchBytes, "matchBytes"); + this.replaceBytes = Objects.requireNonNull(replaceBytes, "replaceBytes"); + sockets.forEach( s -> s.setMatchReplaceBytes(matchBytes, replaceBytes)); + serverSockets.forEach( s -> s.setMatchReplaceBytes(matchBytes, replaceBytes)); + + } + + @Override + public Socket createSocket(String host, int port) throws IOException { + Socket socket = RMISocketFactory.getDefaultSocketFactory() + .createSocket(host, port); + InterposeSocket s = new InterposeSocket(socket, matchBytes, replaceBytes); + sockets.add(s); + return s; + } + + /** + * Return the current list of sockets. + * @return Return a snapshot of the current list of sockets + */ + public List<InterposeSocket> getSockets() { + List<InterposeSocket> snap = new ArrayList<>(sockets); + return snap; + } + + @Override + public ServerSocket createServerSocket(int port) throws IOException { + + ServerSocket serverSocket = RMISocketFactory.getDefaultSocketFactory() + .createServerSocket(port); + InterposeServerSocket ss = new InterposeServerSocket(serverSocket, matchBytes, replaceBytes); + serverSockets.add(ss); + return ss; + } + + /** + * Return the current list of server sockets. + * @return Return a snapshot of the current list of server sockets + */ + public List<InterposeServerSocket> getServerSockets() { + List<InterposeServerSocket> snap = new ArrayList<>(serverSockets); + return snap; + } + + /** + * An InterposeSocket wraps a socket that produces InputStreams + * and OutputStreams that log the traffic. + * The OutputStreams it produces match an array of bytes and replace them. + * Useful for injecting protocol and content errors. + */ + public static class InterposeSocket extends Socket { + private final Socket socket; + private InputStream in; + private MatchReplaceOutputStream out; + private volatile byte[] matchBytes; + private volatile byte[] replaceBytes; + private final ByteArrayOutputStream inLogStream; + private final ByteArrayOutputStream outLogStream; + private final String name; + private static volatile int num = 0; // index for created InterposeSockets + + public InterposeSocket(Socket socket, byte[] matchBytes, byte[] replaceBytes) { + this.socket = socket; + this.matchBytes = Objects.requireNonNull(matchBytes, "matchBytes"); + this.replaceBytes = Objects.requireNonNull(replaceBytes, "replaceBytes"); + this.inLogStream = new ByteArrayOutputStream(); + this.outLogStream = new ByteArrayOutputStream(); + this.name = "IS" + ++num + "::" + + Thread.currentThread().getName() + ": " + + socket.getLocalPort() + " < " + socket.getPort(); + } + + public void setMatchReplaceBytes(byte[] matchBytes, byte[] replaceBytes) { + this.matchBytes = matchBytes; + this.replaceBytes = replaceBytes; + out.setMatchReplaceBytes(matchBytes, replaceBytes); + } + + @Override + public void connect(SocketAddress endpoint) throws IOException { + socket.connect(endpoint); + } + + @Override + public void connect(SocketAddress endpoint, int timeout) throws IOException { + socket.connect(endpoint, timeout); + } + + @Override + public void bind(SocketAddress bindpoint) throws IOException { + socket.bind(bindpoint); + } + + @Override + public InetAddress getInetAddress() { + return socket.getInetAddress(); + } + + @Override + public InetAddress getLocalAddress() { + return socket.getLocalAddress(); + } + + @Override + public int getPort() { + return socket.getPort(); + } + + @Override + public int getLocalPort() { + return socket.getLocalPort(); + } + + @Override + public SocketAddress getRemoteSocketAddress() { + return socket.getRemoteSocketAddress(); + } + + @Override + public SocketAddress getLocalSocketAddress() { + return socket.getLocalSocketAddress(); + } + + @Override + public SocketChannel getChannel() { + return socket.getChannel(); + } + + @Override + public synchronized void close() throws IOException { + socket.close(); + } + + @Override + public String toString() { + return "InterposeSocket " + name + ": " + socket.toString(); + } + + @Override + public boolean isConnected() { + return socket.isConnected(); + } + + @Override + public boolean isBound() { + return socket.isBound(); + } + + @Override + public boolean isClosed() { + return socket.isClosed(); + } + + @Override + public synchronized InputStream getInputStream() throws IOException { + if (in == null) { + in = socket.getInputStream(); + String name = Thread.currentThread().getName() + ": " + + socket.getLocalPort() + " < " + socket.getPort(); + in = new LoggingInputStream(in, name, inLogStream); + DEBUG("Created new InterposeInputStream: %s%n", name); + } + return in; + } + + @Override + public synchronized OutputStream getOutputStream() throws IOException { + if (out == null) { + OutputStream o = socket.getOutputStream(); + String name = Thread.currentThread().getName() + ": " + + socket.getLocalPort() + " > " + socket.getPort(); + out = new MatchReplaceOutputStream(o, name, outLogStream, matchBytes, replaceBytes); + DEBUG("Created new MatchReplaceOutputStream: %s%n", name); + } + return out; + } + + /** + * Return the bytes logged from the input stream. + * @return Return the bytes logged from the input stream. + */ + public byte[] getInLogBytes() { + return inLogStream.toByteArray(); + } + + /** + * Return the bytes logged from the output stream. + * @return Return the bytes logged from the output stream. + */ + public byte[] getOutLogBytes() { + return outLogStream.toByteArray(); + } + + } + + /** + * InterposeServerSocket is a ServerSocket that wraps each Socket it accepts + * with an InterposeSocket so that its input and output streams can be monitored. + */ + public static class InterposeServerSocket extends ServerSocket { + private final ServerSocket socket; + private volatile byte[] matchBytes; + private volatile byte[] replaceBytes; + private final List<InterposeSocket> sockets = new ArrayList<>(); + + public InterposeServerSocket(ServerSocket socket, byte[] matchBytes, byte[] replaceBytes) throws IOException { + this.socket = socket; + this.matchBytes = Objects.requireNonNull(matchBytes, "matchBytes"); + this.replaceBytes = Objects.requireNonNull(replaceBytes, "replaceBytes"); + } + + public void setMatchReplaceBytes(byte[] matchBytes, byte[] replaceBytes) { + this.matchBytes = matchBytes; + this.replaceBytes = replaceBytes; + sockets.forEach(s -> s.setMatchReplaceBytes(matchBytes, replaceBytes)); + } + /** + * Return a snapshot of the current list of sockets created from this server socket. + * @return Return a snapshot of the current list of sockets + */ + public List<InterposeSocket> getSockets() { + List<InterposeSocket> snap = new ArrayList<>(sockets); + return snap; + } + + @Override + public void bind(SocketAddress endpoint) throws IOException { + socket.bind(endpoint); + } + + @Override + public void bind(SocketAddress endpoint, int backlog) throws IOException { + socket.bind(endpoint, backlog); + } + + @Override + public InetAddress getInetAddress() { + return socket.getInetAddress(); + } + + @Override + public int getLocalPort() { + return socket.getLocalPort(); + } + + @Override + public SocketAddress getLocalSocketAddress() { + return socket.getLocalSocketAddress(); + } + + @Override + public Socket accept() throws IOException { + Socket s = socket.accept(); + InterposeSocket socket = new InterposeSocket(s, matchBytes, replaceBytes); + sockets.add(socket); + return socket; + } + + @Override + public void close() throws IOException { + socket.close(); + } + + @Override + public ServerSocketChannel getChannel() { + return socket.getChannel(); + } + + @Override + public boolean isClosed() { + return socket.isClosed(); + } + + @Override + public String toString() { + return socket.toString(); + } + + @Override + public synchronized void setSoTimeout(int timeout) throws SocketException { + socket.setSoTimeout(timeout); + } + + @Override + public synchronized int getSoTimeout() throws IOException { + return socket.getSoTimeout(); + } + } + + /** + * LoggingInputStream is a stream and logs all bytes read to it. + * For identification it is given a name. + */ + public static class LoggingInputStream extends FilterInputStream { + private int bytesIn = 0; + private final String name; + private final OutputStream log; + + public LoggingInputStream(InputStream in, String name, OutputStream log) { + super(in); + this.name = name; + this.log = log; + } + + @Override + public int read() throws IOException { + int b = super.read(); + if (b >= 0) { + log.write(b); + bytesIn++; + } + return b; + } + + @Override + public int read(byte[] b, int off, int len) throws IOException { + int bytes = super.read(b, off, len); + if (bytes > 0) { + log.write(b, off, bytes); + bytesIn += bytes; + } + return bytes; + } + + @Override + public int read(byte[] b) throws IOException { + return read(b, 0, b.length); + } + + @Override + public void close() throws IOException { + super.close(); + } + + @Override + public String toString() { + return String.format("%s: In: (%d)", name, bytesIn); + } + } + + /** + * An OutputStream that replaces one string of bytes with another. + * If any range matches, the match starts after the partial match. + */ + static class MatchReplaceOutputStream extends OutputStream { + private final OutputStream out; + private final String name; + private volatile byte[] matchBytes; + private volatile byte[] replaceBytes; + int matchIndex; + private int bytesOut = 0; + private final OutputStream log; + + MatchReplaceOutputStream(OutputStream out, String name, OutputStream log, + byte[] matchBytes, byte[] replaceBytes) { + this.out = out; + this.name = name; + this.matchBytes = Objects.requireNonNull(matchBytes, "matchBytes"); + this.replaceBytes = Objects.requireNonNull(replaceBytes, "replaceBytes"); + matchIndex = 0; + this.log = log; + } + + public void setMatchReplaceBytes(byte[] matchBytes, byte[] replaceBytes) { + this.matchBytes = matchBytes; + this.replaceBytes = replaceBytes; + matchIndex = 0; + } + + + public void write(int b) throws IOException { + b = b & 0xff; + if (matchBytes.length == 0) { + out.write(b); + log.write(b); + bytesOut++; + return; + } + if (b == (matchBytes[matchIndex] & 0xff)) { + if (++matchIndex >= matchBytes.length) { + matchIndex = 0; + DEBUG( "TestSocketFactory MatchReplace %s replaced %d bytes at offset: %d (x%04x)%n", + name, replaceBytes.length, bytesOut, bytesOut); + out.write(replaceBytes); + log.write(replaceBytes); + bytesOut += replaceBytes.length; + } + } else { + if (matchIndex > 0) { + // mismatch, write out any that matched already + if (matchIndex > 0) // Only non-trivial matches + DEBUG( "Partial match %s matched %d bytes at offset: %d (0x%04x), expected: x%02x, actual: x%02x%n", + name, matchIndex, bytesOut, bytesOut, matchBytes[matchIndex], b); + out.write(matchBytes, 0, matchIndex); + log.write(matchBytes, 0, matchIndex); + bytesOut += matchIndex; + matchIndex = 0; + } + if (b == (matchBytes[matchIndex] & 0xff)) { + matchIndex++; + } else { + out.write(b); + log.write(b); + bytesOut++; + } + } + } + + @Override + public String toString() { + return String.format("%s: Out: (%d)", name, bytesOut); + } + } + + private static byte[] orig = new byte[]{ + (byte) 0x80, 0x05, + 0x73, 0x72, 0x00, 0x12, // TC_OBJECT, TC_CLASSDESC, length = 18 + 0x6A, 0x61, 0x76, 0x61, 0x2E, 0x72, 0x6D, 0x69, 0x2E, // "java.rmi." + 0x64, 0x67, 0x63, 0x2E, 0x4C, 0x65, 0x61, 0x73, 0x65 // "dgc.Lease" + }; + private static byte[] repl = new byte[]{ + (byte) 0x80, 0x05, + 0x73, 0x72, 0x00, 0x12, // TC_OBJECT, TC_CLASSDESC, length = 18 + 0x6A, 0x61, 0x76, 0x61, 0x2E, (byte) 'l', (byte) 'a', (byte) 'n', (byte) 'g', + 0x2E, (byte) 'R', (byte) 'u', (byte) 'n', (byte) 'n', (byte) 'a', (byte) 'b', (byte) 'l', + (byte) 'e' + }; + + @DataProvider(name = "MatchReplaceData") + static Object[][] matchReplaceData() { + byte[] empty = new byte[0]; + byte[] byte1 = new byte[]{1, 2, 3, 4, 5, 6}; + byte[] bytes2 = new byte[]{1, 2, 4, 3, 5, 6}; + byte[] bytes3 = new byte[]{6, 5, 4, 3, 2, 1}; + byte[] bytes4 = new byte[]{1, 2, 0x10, 0x20, 0x30, 0x40, 5, 6}; + byte[] bytes4a = new byte[]{1, 2, 0x10, 0x20, 0x30, 0x40, 5, 7}; // mostly matches bytes4 + byte[] bytes5 = new byte[]{0x30, 0x40, 5, 6}; + byte[] bytes6 = new byte[]{1, 2, 0x10, 0x20, 0x30}; + + return new Object[][]{ + {new byte[]{}, new byte[]{}, empty, empty}, + {new byte[]{}, new byte[]{}, byte1, byte1}, + {new byte[]{3, 4}, new byte[]{4, 3}, byte1, bytes2}, //swap bytes + {new byte[]{3, 4}, new byte[]{0x10, 0x20, 0x30, 0x40}, byte1, bytes4}, // insert + {new byte[]{1, 2, 0x10, 0x20}, new byte[]{}, bytes4, bytes5}, // delete head + {new byte[]{0x40, 5, 6}, new byte[]{}, bytes4, bytes6}, // delete tail + {new byte[]{0x40, 0x50}, new byte[]{0x60, 0x50}, bytes4, bytes4}, // partial match, replace nothing + {bytes4a, bytes3, bytes4, bytes4}, // long partial match, not replaced + {orig, repl, orig, repl}, + }; + } + + @Test(enabled = true, dataProvider = "MatchReplaceData") + static void test3(byte[] match, byte[] replace, + byte[] input, byte[] expected) { + System.out.printf("match: %s, replace: %s%n", Arrays.toString(match), Arrays.toString(replace)); + try (ByteArrayOutputStream output = new ByteArrayOutputStream(); + ByteArrayOutputStream log = new ByteArrayOutputStream(); + OutputStream out = new MatchReplaceOutputStream(output, "test3", + log, match, replace)) { + out.write(input); + byte[] actual = output.toByteArray(); + + if (!Arrays.equals(actual, expected)) { + System.out.printf("actual: %s%n", Arrays.toString(actual)); + System.out.printf("expected: %s%n", Arrays.toString(expected)); + } + Assert.assertEquals(actual, expected, "match/replace fail"); + } catch (IOException ioe) { + Assert.fail("unexpected exception", ioe); + } + } + + + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/javax/management/remote/nonLocalAccess/NonLocalJMXRemoteTest.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,142 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.net.InetAddress; +import java.rmi.AccessException; +import java.rmi.NotBoundException; +import java.rmi.registry.LocateRegistry; +import java.rmi.registry.Registry; +import java.util.Set; +import java.util.HashSet; + +/* @test + * @bug 8174770 + * @summary Verify that JMX Registry rejects non-local access for bind, unbind, rebind. + * The test is manual because the (non-local) host and port running JMX must be supplied as properties. + * @run main/othervm/manual -Djmx-registry.host=jmx-registry-host -Djmx-registry.port=jmx-registry-port NonLocalJMXRemoteTest + */ + +/** + * Verify that access checks for the Registry exported by JMX Registry.bind(), + * .rebind(), and .unbind() are prevented on remote access to the registry. + * The test verifies that the access check is performed *before* the object to be + * bound or rebound is deserialized. + * This tests the SingleEntryRegistry implemented by JMX. + * This test is a manual test and uses JMX running on a *different* host. + * JMX can be enabled in any Java runtime; for example: + * login or ssh to the different host and invoke rmiregistry with arguments below. + * It will not show any output. + * {@code $JDK_HOME/bin/rmiregistry \ + * -J-Dcom.sun.management.jmxremote.port=8888 \ + * -J-Dcom.sun.management.jmxremote.local.only=false \ + * -J-Dcom.sun.management.jmxremote.ssl=false \ + * -J-Dcom.sun.management.jmxremote.authenticate=false + * } + * On the first host modify the @run command above to replace "jmx-registry-host" + * with the hostname or IP address of the different host and run the test with jtreg. + */ +public class NonLocalJMXRemoteTest { + + public static void main(String[] args) throws Exception { + + String host = System.getProperty("jmx-registry.host"); + if (host == null || host.isEmpty()) { + throw new RuntimeException("Specify host with system property: -Djmx-registry.host=<host>"); + } + int port = Integer.getInteger("jmx-registry.port", -1); + if (port <= 0) { + throw new RuntimeException("Specify port with system property: -Djmx-registry.port=<port>"); + } + + // Check if running the test on a local system; it only applies to remote + String myHostName = InetAddress.getLocalHost().getHostName(); + Set<InetAddress> myAddrs = new HashSet<>(); + InetAddress[] myAddrsArr = InetAddress.getAllByName(myHostName); + for (InetAddress a : myAddrsArr) { + myAddrs.add(a); + } + Set<InetAddress> hostAddrs = new HashSet<>(); + InetAddress[] hostAddrsArr = InetAddress.getAllByName(host); + for (InetAddress a : hostAddrsArr) { + hostAddrs.add(a); + } + if (hostAddrs.stream().anyMatch(i -> myAddrs.contains(i)) + || hostAddrs.stream().anyMatch(h -> h.isLoopbackAddress())) { + throw new RuntimeException("Error: property 'jmx-registry.host' must not be the local host%n"); + } + + Registry registry = LocateRegistry.getRegistry(host, port); + try { + // Verify it is a JMX Registry + registry.lookup("jmxrmi"); + } catch (NotBoundException nf) { + throw new RuntimeException("Not a JMX registry, jmxrmi is not bound", nf); + } + + try { + registry.bind("foo", null); + throw new RuntimeException("Remote access should not succeed for method: bind"); + } catch (Exception e) { + assertIsAccessException(e); + } + + try { + registry.rebind("foo", null); + throw new RuntimeException("Remote access should not succeed for method: rebind"); + } catch (Exception e) { + assertIsAccessException(e); + } + + try { + registry.unbind("foo"); + throw new RuntimeException("Remote access should not succeed for method: unbind"); + } catch (Exception e) { + assertIsAccessException(e); + } + } + + /** + * Check the exception chain for the expected AccessException and message. + * @param ex the exception from the remote invocation. + */ + private static void assertIsAccessException(Throwable ex) { + Throwable t = ex; + while (!(t instanceof AccessException) && t.getCause() != null) { + t = t.getCause(); + } + if (t instanceof AccessException) { + String msg = t.getMessage(); + int asIndex = msg.indexOf("Registry"); + int disallowIndex = msg.indexOf("disallowed"); + int nonLocalHostIndex = msg.indexOf("non-local host"); + if (asIndex < 0 || + disallowIndex < 0 || + nonLocalHostIndex < 0 ) { + throw new RuntimeException("exception message is malformed", t); + } + System.out.printf("Found expected AccessException: %s%n%n", t); + } else { + throw new RuntimeException("AccessException did not occur when expected", ex); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/javax/swing/JFileChooser/GodMode/JFileChooserTest.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,180 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + + /* + * @test + * @bug 8179014 + * @requires (os.family == "Windows") + * @summary Check if JFileChooser crashes with GodMode Directory. + * @run main/manual JFileChooserTest + */ +import java.awt.Color; +import java.awt.GridBagConstraints; +import java.awt.GridBagLayout; +import java.util.concurrent.CountDownLatch; +import javax.swing.JPanel; +import javax.swing.JTextArea; +import javax.swing.SwingUtilities; +import javax.swing.JButton; +import javax.swing.JFrame; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.util.concurrent.TimeUnit; +import javax.swing.JFileChooser; +import javax.swing.UIManager; + +public class JFileChooserTest { + + public static void main(String args[]) throws Exception { + final CountDownLatch latch = new CountDownLatch(1); + TestUI test = new TestUI(latch); + SwingUtilities.invokeAndWait(() -> { + try { + test.createUI(); + } catch (Exception ex) { + throw new RuntimeException("Exception while creating UI"); + } + }); + + boolean status = latch.await(5, TimeUnit.MINUTES); + + if (!status) { + System.out.println("Test timed out."); + } + + SwingUtilities.invokeAndWait(() -> { + try { + test.disposeUI(); + } catch (Exception ex) { + throw new RuntimeException("Exception while disposing UI"); + } + }); + + if (test.testResult == false) { + throw new RuntimeException("Test Failed."); + } + } +} + +class TestUI { + + private static JFrame mainFrame; + private static JPanel mainControlPanel; + + private static JTextArea instructionTextArea; + + private static JPanel resultButtonPanel; + private static JButton passButton; + private static JButton failButton; + + private static GridBagLayout layout; + private final CountDownLatch latch; + public boolean testResult = false; + + public TestUI(CountDownLatch latch) throws Exception { + this.latch = latch; + } + + public final void createUI() throws Exception { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + mainFrame = new JFrame("JFileChooserTest"); + + layout = new GridBagLayout(); + mainControlPanel = new JPanel(layout); + resultButtonPanel = new JPanel(layout); + + GridBagConstraints gbc = new GridBagConstraints(); + + // Create Test instructions + String instructions + = "INSTRUCTIONS:" + + "\n 1. Create a new folder on the desktop." + + "\n 2. Rename the folder exactly as given below: " + + "\n GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} " + + "\n 3. Click on Launch Button. " + + "\n Check if JFileChooser is launched successfully. " + + "\n If yes, close the JFileChooser and click Pass, " + + "\n else Fail. " + + "\n 4. Delete the GodMode folder."; + + instructionTextArea = new JTextArea(); + instructionTextArea.setText(instructions); + instructionTextArea.setEnabled(false); + instructionTextArea.setDisabledTextColor(Color.black); + instructionTextArea.setBackground(Color.white); + + gbc.gridx = 0; + gbc.gridy = 0; + gbc.fill = GridBagConstraints.HORIZONTAL; + mainControlPanel.add(instructionTextArea, gbc); + JButton launchButton = new JButton("Launch"); + launchButton.setActionCommand("Launch"); + launchButton.addActionListener((ActionEvent e) -> { + JFileChooser fileChooser = new JFileChooser(); + fileChooser.showOpenDialog(null); + } + ); + + gbc.gridx = 0; + gbc.gridy = 1; + mainControlPanel.add(launchButton, gbc); + + passButton = new JButton("Pass"); + passButton.setActionCommand("Pass"); + passButton.addActionListener((ActionEvent e) -> { + testResult = true; + mainFrame.dispose(); + latch.countDown(); + + }); + failButton = new JButton("Fail"); + failButton.setActionCommand("Fail"); + failButton.addActionListener(new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + testResult = false; + mainFrame.dispose(); + latch.countDown(); + } + }); + gbc.gridx = 0; + gbc.gridy = 0; + resultButtonPanel.add(passButton, gbc); + gbc.gridx = 1; + gbc.gridy = 0; + resultButtonPanel.add(failButton, gbc); + + gbc.gridx = 0; + gbc.gridy = 2; + mainControlPanel.add(resultButtonPanel, gbc); + + mainFrame.add(mainControlPanel); + mainFrame.pack(); + mainFrame.setVisible(true); + } + + public void disposeUI() { + mainFrame.setVisible(false); + mainFrame.dispose(); + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/javax/xml/ws/8159058/SaajEmptyNamespaceTest.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,282 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8159058 + * @summary Test that empty default namespace declaration clears the + * default namespace value + * @compile -XDignore.symbol.file SaajEmptyNamespaceTest.java + * @run testng/othervm SaajEmptyNamespaceTest + */ + +import com.sun.xml.internal.ws.api.SOAPVersion; +import com.sun.xml.internal.ws.api.message.saaj.SAAJFactory; +import com.sun.xml.internal.ws.message.stream.StreamMessage; +import java.io.ByteArrayInputStream; +import java.io.StringReader; +import java.io.StringWriter; +import java.io.UnsupportedEncodingException; +import javax.xml.namespace.QName; +import javax.xml.soap.MessageFactory; +import javax.xml.soap.SOAPBody; +import javax.xml.soap.SOAPElement; +import javax.xml.soap.SOAPException; +import javax.xml.soap.SOAPMessage; +import javax.xml.stream.XMLInputFactory; +import javax.xml.stream.XMLStreamReader; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; +import javax.xml.transform.stream.StreamSource; +import org.testng.Assert; +import org.testng.annotations.Test; +import org.w3c.dom.Node; + +public class SaajEmptyNamespaceTest { + + /* + * Test that SOAP message with default namespace declaration that contains empty + * string is properly processed by SAAJ reader. + */ + @Test + public void testResetDefaultNamespaceSAAJ() throws Exception { + // Create SOAP message from XML string and process it with SAAJ reader + XMLStreamReader envelope = XMLInputFactory.newFactory().createXMLStreamReader( + new StringReader(INPUT_SOAP_MESSAGE)); + StreamMessage streamMessage = new StreamMessage(SOAPVersion.SOAP_11, + envelope, null); + SAAJFactory saajFact = new SAAJFactory(); + SOAPMessage soapMessage = saajFact.readAsSOAPMessage(SOAPVersion.SOAP_11, streamMessage); + + // Check if constructed object model meets local names and namespace expectations + SOAPElement request = (SOAPElement) soapMessage.getSOAPBody().getFirstChild(); + // Check top body element name + Assert.assertEquals(request.getLocalName(), "SampleServiceRequest"); + // Check top body element namespace + Assert.assertEquals(request.getNamespaceURI(), TEST_NS); + SOAPElement params = (SOAPElement) request.getFirstChild(); + // Check first child name + Assert.assertEquals(params.getLocalName(), "RequestParams"); + // Check if first child namespace is null + Assert.assertNull(params.getNamespaceURI()); + + // Check inner elements of the first child + SOAPElement param1 = (SOAPElement) params.getFirstChild(); + Assert.assertEquals(param1.getLocalName(), "Param1"); + Assert.assertNull(param1.getNamespaceURI()); + SOAPElement param2 = (SOAPElement) params.getChildNodes().item(1); + Assert.assertEquals(param2.getLocalName(), "Param2"); + Assert.assertNull(param2.getNamespaceURI()); + // Check full content of SOAP body + Assert.assertEquals(nodeToText(request), EXPECTED_RESULT); + } + + /* + * Test that adding element with explicitly null namespace URI shall put the + * element into global namespace. Namespace declarations are not added explicitly. + */ + @Test + public void testAddElementToNullNsNoDeclarations() throws Exception { + // Create empty SOAP message + SOAPMessage msg = createSoapMessage(); + SOAPBody body = msg.getSOAPPart().getEnvelope().getBody(); + + // Add elements + SOAPElement parentExplicitNS = body.addChildElement("content", "", TEST_NS); + SOAPElement childGlobalNS = parentExplicitNS.addChildElement("global-child", "", null); + SOAPElement childDefaultNS = parentExplicitNS.addChildElement("default-child"); + + // Check namespace URIs + Assert.assertNull(childGlobalNS.getNamespaceURI()); + Assert.assertEquals(childDefaultNS.getNamespaceURI(), TEST_NS); + } + + /* + * Test that adding element with explicitly empty namespace URI shall put + * the element into global namespace. Namespace declarations are not added + * explicitly. + */ + @Test + public void testAddElementToGlobalNsNoDeclarations() throws Exception { + // Create empty SOAP message + SOAPMessage msg = createSoapMessage(); + SOAPBody body = msg.getSOAPPart().getEnvelope().getBody(); + + // Add elements + SOAPElement parentExplicitNS = body.addChildElement("content", "", TEST_NS); + SOAPElement childGlobalNS = parentExplicitNS.addChildElement("global-child", "", ""); + SOAPElement childDefaultNS = parentExplicitNS.addChildElement("default-child"); + + // Check namespace URIs + Assert.assertNull(childGlobalNS.getNamespaceURI()); + Assert.assertEquals(childDefaultNS.getNamespaceURI(), TEST_NS); + } + + /* + * Test that adding element with explicitly empty namespace URI set via QName + * shall put the element into global namespace. + */ + @Test + public void testAddElementToNullNsQName() throws Exception { + // Create empty SOAP message + SOAPMessage msg = createSoapMessage(); + SOAPBody body = msg.getSOAPPart().getEnvelope().getBody(); + + // Add elements + SOAPElement parentExplicitNS = body.addChildElement("content", "", TEST_NS); + parentExplicitNS.addNamespaceDeclaration("", TEST_NS); + SOAPElement childGlobalNS = parentExplicitNS.addChildElement(new QName(null, "global-child")); + childGlobalNS.addNamespaceDeclaration("", ""); + SOAPElement grandChildGlobalNS = childGlobalNS.addChildElement("global-grand-child"); + SOAPElement childDefaultNS = parentExplicitNS.addChildElement("default-child"); + + // Check namespace URIs + Assert.assertNull(childGlobalNS.getNamespaceURI()); + Assert.assertNull(grandChildGlobalNS.getNamespaceURI()); + Assert.assertEquals(childDefaultNS.getNamespaceURI(), TEST_NS); + } + + /* + * Test that adding element with explicitly empty namespace URI shall put + * the element into global namespace. + */ + @Test + public void testAddElementToGlobalNs() throws Exception { + // Create empty SOAP message + SOAPMessage msg = createSoapMessage(); + SOAPBody body = msg.getSOAPPart().getEnvelope().getBody(); + + // Add elements + SOAPElement parentExplicitNS = body.addChildElement("content", "", TEST_NS); + parentExplicitNS.addNamespaceDeclaration("", TEST_NS); + SOAPElement childGlobalNS = parentExplicitNS.addChildElement("global-child", "", ""); + childGlobalNS.addNamespaceDeclaration("", ""); + SOAPElement grandChildGlobalNS = childGlobalNS.addChildElement("global-grand-child"); + SOAPElement childDefaultNS = parentExplicitNS.addChildElement("default-child"); + + // Check namespace URIs + Assert.assertNull(childGlobalNS.getNamespaceURI()); + Assert.assertNull(grandChildGlobalNS.getNamespaceURI()); + Assert.assertEquals(childDefaultNS.getNamespaceURI(), TEST_NS); + } + + /* + * Test that adding element with explicitly null namespace URI shall put + * the element into global namespace. + */ + @Test + public void testAddElementToNullNs() throws Exception { + // Create empty SOAP message + SOAPMessage msg = createSoapMessage(); + SOAPBody body = msg.getSOAPPart().getEnvelope().getBody(); + + // Add elements + SOAPElement parentExplicitNS = body.addChildElement("content", "", TEST_NS); + parentExplicitNS.addNamespaceDeclaration("", TEST_NS); + SOAPElement childGlobalNS = parentExplicitNS.addChildElement("global-child", "", null); + childGlobalNS.addNamespaceDeclaration("", null); + SOAPElement grandChildGlobalNS = childGlobalNS.addChildElement("global-grand-child"); + SOAPElement childDefaultNS = parentExplicitNS.addChildElement("default-child"); + + // Check namespace URIs + Assert.assertNull(childGlobalNS.getNamespaceURI()); + Assert.assertNull(grandChildGlobalNS.getNamespaceURI()); + Assert.assertEquals(TEST_NS, childDefaultNS.getNamespaceURI()); + } + + /* + * Test that adding element with explicitly empty namespace URI via QName + * shall put the element in global namespace. + */ + @Test + public void testAddElementToGlobalNsQName() throws Exception { + // Create empty SOAP message + SOAPMessage msg = createSoapMessage(); + SOAPBody body = msg.getSOAPPart().getEnvelope().getBody(); + + // Add elements + SOAPElement parentExplicitNS = body.addChildElement("content", "", TEST_NS); + parentExplicitNS.addNamespaceDeclaration("", TEST_NS); + SOAPElement childGlobalNS = parentExplicitNS.addChildElement(new QName("", "global-child")); + childGlobalNS.addNamespaceDeclaration("", ""); + SOAPElement grandChildGlobalNS = childGlobalNS.addChildElement("global-grand-child"); + SOAPElement childDefaultNS = parentExplicitNS.addChildElement("default-child"); + + // Check namespace URIs + Assert.assertNull(childGlobalNS.getNamespaceURI()); + Assert.assertNull(grandChildGlobalNS.getNamespaceURI()); + Assert.assertEquals(childDefaultNS.getNamespaceURI(),TEST_NS); + } + + // Convert DOM node to text representation + private String nodeToText(Node node) throws TransformerException { + Transformer trans = TransformerFactory.newInstance().newTransformer(); + trans.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + StringWriter writer = new StringWriter(); + StreamResult result = new StreamResult(writer); + trans.transform(new DOMSource(node), result); + String bodyContent = writer.toString(); + System.out.println("SOAP body content read by SAAJ:"+bodyContent); + return bodyContent; + } + + // Create SOAP message with empty body + private static SOAPMessage createSoapMessage() throws SOAPException, UnsupportedEncodingException { + String xml = "<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\">" + +"<SOAP-ENV:Body/></SOAP-ENV:Envelope>"; + MessageFactory mFactory = MessageFactory.newInstance(); + SOAPMessage msg = mFactory.createMessage(); + msg.getSOAPPart().setContent(new StreamSource(new ByteArrayInputStream(xml.getBytes("utf-8")))); + return msg; + } + + // Namespace value used in tests + private static String TEST_NS = "http://example.org/test"; + + // Content of SOAP message passed to SAAJ factory + private static String INPUT_SOAP_MESSAGE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + + "<s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\">" + + "<s:Body>" + + "<SampleServiceRequest xmlns=\"http://example.org/test\"" + + " xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">" + + "<RequestParams xmlns=\"\">" + + "<Param1>hogehoge</Param1>" + + "<Param2>fugafuga</Param2>" + + "</RequestParams>" + + "</SampleServiceRequest>" + + "</s:Body>" + + "</s:Envelope>"; + + // Expected body content after SAAJ processing + private static String EXPECTED_RESULT = "<SampleServiceRequest" + +" xmlns=\"http://example.org/test\">" + + "<RequestParams xmlns=\"\">" + + "<Param1>hogehoge</Param1>" + + "<Param2>fugafuga</Param2>" + + "</RequestParams>" + + "</SampleServiceRequest>"; +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/management/LazyCompositeDataTest.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,163 @@ +/* + * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.util.HashMap; +import java.util.Map; +import javax.management.openmbean.ArrayType; +import javax.management.openmbean.CompositeData; +import javax.management.openmbean.CompositeDataSupport; +import javax.management.openmbean.CompositeType; +import javax.management.openmbean.OpenDataException; +import javax.management.openmbean.OpenType; +import javax.management.openmbean.SimpleType; +import sun.management.LazyCompositeData; + +/** + * @test + * @bug 8139870 + * @summary sun.management.LazyCompositeData.isTypeMatched() fails for composite types with items of ArrayType + * @modules java.management/sun.management + * @author Jaroslav Bachorik + */ + +public class LazyCompositeDataTest { + private final static CompositeData dataV1, dataV2; + + static { + try { + // *** + // prepare the composite types + + // composite type stored in an array; V1 + CompositeType subtypeV1 = new CompositeType( + "Subtype1", + "Version 1", + new String[]{"item1"}, + new String[]{"Item 1"}, + new OpenType<?>[]{ + SimpleType.STRING + } + ); + + // composite type stored in an array; V2 + CompositeType subtypeV2 = new CompositeType( + "Subtype2", + "Version 2", + new String[]{"item1", "item2"}, + new String[]{"Item 1", "Item 2"}, + new OpenType<?>[]{ + SimpleType.STRING, + SimpleType.INTEGER + } + ); + + + // main composite type; V1 + // one of the items is array of 'subtypeV1' instances + CompositeType typeV1 = new CompositeType( + "MyDataV1", + "Version 1", + new String[]{"item1", "item2"}, + new String[]{"Item 1", "Item 2"}, + new OpenType<?>[]{ + SimpleType.STRING, + ArrayType.getArrayType(subtypeV1) + } + ); + + // main composite type; V2 + // one of the items is array of 'subtypeV2' instances + CompositeType typeV2 = new CompositeType( + "MyDataV2", + "Version 2", + new String[]{"item1", "item2"}, + new String[]{"Item 1", "Item 2"}, + new OpenType<?>[]{ + SimpleType.STRING, + ArrayType.getArrayType(subtypeV2) + } + ); + // *** + + // *** + // construct the data + Map<String, Object> subitemsV1 = new HashMap<>(); + Map<String, Object> subitemsV2 = new HashMap<>(); + + Map<String, Object> itemsV1 = new HashMap<>(); + Map<String, Object> itemsV2 = new HashMap<>(); + + subitemsV1.put("item1", "item1"); + subitemsV2.put("item1", "item1"); + subitemsV2.put("item2", 42); + + itemsV1.put("item1", "item1"); + itemsV1.put("item2", new CompositeData[]{new CompositeDataSupport(subtypeV1, subitemsV1)}); + + itemsV2.put("item1", "item1"); + itemsV2.put("item2", new CompositeData[]{new CompositeDataSupport(subtypeV2, subitemsV2)}); + + dataV1 = new CompositeDataSupport(typeV1, itemsV1); + dataV2 = new CompositeDataSupport(typeV2, itemsV2); + // *** + } catch (OpenDataException e) { + throw new Error(e); + } + } + + private static class MyDataV1 extends LazyCompositeData { + @Override + protected CompositeData getCompositeData() { + return dataV1; + } + + public boolean isTypeMached(CompositeType type) { + return isTypeMatched(this.getCompositeType(), type); + } + } + + private static class MyDataV2 extends LazyCompositeData { + @Override + protected CompositeData getCompositeData() { + return dataV2; + } + + } + + public static void main(String[] args) throws Exception { + System.out.println("Checking LazyCompositeData.isTypeMatched()"); + MyDataV1 v1 = new MyDataV1(); + MyDataV2 v2 = new MyDataV2(); + + if (!v1.isTypeMached(v2.getCompositeType())) { + System.err.println("=== FAILED"); + System.err.println("V1 should be matched by V2"); + System.err.println("\n=== V1"); + System.err.println(v1.getCompositeType()); + System.err.println("\n=== V2"); + System.err.println(v2.getCompositeType()); + throw new Error(); + } + System.out.println("=== PASSED"); + } +} \ No newline at end of file
--- a/test/sun/security/pkcs/pkcs8/PKCS8Test.java Tue Jul 11 03:45:17 2017 +0100 +++ b/test/sun/security/pkcs/pkcs8/PKCS8Test.java Wed Jul 19 05:41:28 2017 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -191,12 +191,12 @@ public static void main(String[] args) throws IOException, InvalidKeyException { - BigInteger p = BigInteger.valueOf(1); - BigInteger q = BigInteger.valueOf(2); - BigInteger g = BigInteger.valueOf(3); - BigInteger x = BigInteger.valueOf(4); + BigInteger x = BigInteger.valueOf(1); + BigInteger p = BigInteger.valueOf(2); + BigInteger q = BigInteger.valueOf(3); + BigInteger g = BigInteger.valueOf(4); - DSAPrivateKey priv = new DSAPrivateKey(p, q, g, x); + DSAPrivateKey priv = new DSAPrivateKey(x, p, q, g); byte[] encodedKey = priv.getEncoded(); byte[] expectedBytes = new byte[EXPECTED.length];
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/pkcs/pkcs8/TestLeadingZeros.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,82 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8175251 + * @summary ensure that PKCS8-encoded private key with leading 0s + * can be loaded. + * @run main TestLeadingZeros + */ + +import java.io.*; +import java.security.*; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.interfaces.*; +import java.util.*; + +public class TestLeadingZeros { + + // The following test vectors are various BER encoded PKCS8 bytes + static final String[] PKCS8_ENCODINGS = { + // first is the original one from PKCS8Test + "301e020100301206052b0e03020c30090201020201030201040403020101A000", + // changed original to version w/ 1 leading 0 + "301f02020000301206052b0e03020c30090201020201030201040403020101A000", + // changed original to P w/ 1 leading 0 + "301f020100301306052b0e03020c300a020200020201030201040403020101A000", + // changed original to X w/ 2 leading 0s + "3020020100301206052b0e03020c300902010202010302010404050203000001A000" + }; + + public static void main(String[] argv) throws Exception { + KeyFactory factory = KeyFactory.getInstance("DSA", "SUN"); + + for (String encodings : PKCS8_ENCODINGS) { + byte[] encodingBytes = hexToBytes(encodings); + PKCS8EncodedKeySpec encodedKeySpec = + new PKCS8EncodedKeySpec(encodingBytes); + DSAPrivateKey privKey2 = (DSAPrivateKey) + factory.generatePrivate(encodedKeySpec); + System.out.println("key: " + privKey2); + } + System.out.println("Test Passed"); + } + + private static byte[] hexToBytes(String hex) { + if (hex.length() % 2 != 0) { + throw new RuntimeException("Input should be even length"); + } + int size = hex.length() / 2; + byte[] result = new byte[size]; + for (int i = 0; i < size; i++) { + int hi = Character.digit(hex.charAt(2 * i), 16); + int lo = Character.digit(hex.charAt(2 * i + 1), 16); + if ((hi == -1) || (lo == -1)) { + throw new RuntimeException("Input should be hexadecimal"); + } + result[i] = (byte) (16 * hi + lo); + } + return result; + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/JSSEClient.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.InputStream; +import java.io.OutputStream; +import java.net.InetSocketAddress; + +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSocket; +import javax.net.ssl.SSLSocketFactory; + +/* + * A SSL socket client. + */ +public class JSSEClient { + + public static void main(String[] args) throws Exception { + System.out.println("Client: arguments=" + String.join("; ", args)); + + int port = Integer.valueOf(args[0]); + String[] trustNames = args[1].split(TLSRestrictions.DELIMITER); + String[] certNames = args[2].split(TLSRestrictions.DELIMITER); + String constraint = args[3]; + + TLSRestrictions.setConstraint("Client", constraint); + + SSLContext context = TLSRestrictions.createSSLContext( + trustNames, certNames); + SSLSocketFactory socketFactory = context.getSocketFactory(); + try (SSLSocket socket = (SSLSocket) socketFactory.createSocket()) { + socket.connect(new InetSocketAddress("localhost", port), + TLSRestrictions.TIMEOUT); + socket.setSoTimeout(TLSRestrictions.TIMEOUT); + System.out.println("Client: connected"); + + InputStream sslIS = socket.getInputStream(); + OutputStream sslOS = socket.getOutputStream(); + sslOS.write('C'); + sslOS.flush(); + sslIS.read(); + System.out.println("Client: finished"); + } catch (Exception e) { + throw new RuntimeException("Client: failed.", e); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/JSSEServer.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,81 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.InputStream; +import java.io.OutputStream; + +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLServerSocket; +import javax.net.ssl.SSLServerSocketFactory; +import javax.net.ssl.SSLSocket; + +/* + * A SSL socket server. + */ +public class JSSEServer { + + private SSLServerSocket server = null; + + private Exception exception = null; + + public JSSEServer(SSLContext context, + boolean needClientAuth) throws Exception { + SSLServerSocketFactory serverFactory = context.getServerSocketFactory(); + server = (SSLServerSocket) serverFactory.createServerSocket(0); + server.setSoTimeout(TLSRestrictions.TIMEOUT); + server.setNeedClientAuth(needClientAuth); // for dual authentication + System.out.println("Server: port=" + getPort()); + } + + public void start() { + new Thread(new Runnable() { + + @Override + public void run() { + try { + System.out.println("Server: started"); + try (SSLSocket socket = (SSLSocket) server.accept()) { + socket.setSoTimeout(TLSRestrictions.TIMEOUT); + InputStream sslIS = socket.getInputStream(); + OutputStream sslOS = socket.getOutputStream(); + sslIS.read(); + sslOS.write('S'); + sslOS.flush(); + System.out.println("Server: finished"); + } + } catch (Exception e) { + e.printStackTrace(System.out); + exception = e; + } + } + }).start(); + } + + public int getPort() { + return server.getLocalPort(); + } + + public Exception getException() { + return exception; + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/TLSRestrictions.java Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,541 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.SocketTimeoutException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.security.KeyFactory; +import java.security.KeyStore; +import java.security.PrivateKey; +import java.security.Security; +import java.security.cert.Certificate; +import java.security.cert.CertificateFactory; +import java.security.spec.PKCS8EncodedKeySpec; +import java.util.Base64; +import java.util.stream.Collectors; + +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLHandshakeException; +import javax.net.ssl.TrustManagerFactory; + +import jdk.testlibrary.OutputAnalyzer; +import jdk.testlibrary.ProcessTools; + +/* + * @test + * @summary Verify the restrictions for certificate path on JSSE with custom trust store. + * @library /lib/testlibrary + * @compile JSSEClient.java + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions DEFAULT + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C1 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S1 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C2 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S2 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C3 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S3 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C4 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S4 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C5 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S5 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C6 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S6 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C7 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S7 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C8 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S8 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C9 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S9 + */ +public class TLSRestrictions { + + private static final String TEST_CLASSES = System.getProperty("test.classes"); + private static final char[] PASSWORD = "".toCharArray(); + private static final String CERT_DIR = System.getProperty("cert.dir", + System.getProperty("test.src") + "/certs"); + + static final String PROP = "jdk.certpath.disabledAlgorithms"; + static final String NOSHA1 = "MD2, MD5"; + private static final String TLSSERVER = "SHA1 usage TLSServer"; + private static final String TLSCLIENT = "SHA1 usage TLSClient"; + static final String JDKCATLSSERVER = "SHA1 jdkCA & usage TLSServer"; + static final String JDKCATLSCLIENT = "SHA1 jdkCA & usage TLSClient"; + + // This is a space holder in command arguments, and stands for none certificate. + static final String NONE_CERT = "NONE_CERT"; + + static final String DELIMITER = ","; + static final int TIMEOUT = 30000; + + // It checks if java.security contains constraint "SHA1 jdkCA & usage TLSServer" + // for jdk.certpath.disabledAlgorithms by default. + private static void checkDefaultConstraint() { + System.out.println( + "Case: Checks the default value of jdk.certpath.disabledAlgorithms"); + if (!Security.getProperty(PROP).contains(JDKCATLSSERVER)) { + throw new RuntimeException(String.format( + "%s doesn't contain constraint \"%s\", the real value is \"%s\".", + PROP, JDKCATLSSERVER, Security.getProperty(PROP))); + } + } + + /* + * This method creates trust store and key store with specified certificates + * respectively. And then it creates SSL context with the stores. + * If trustNames contains NONE_CERT only, it does not create a custom trust + * store, but the default one in JDK. + * + * @param trustNames Trust anchors, which are used to create custom trust store. + * If null, no custom trust store is created and the default + * trust store in JDK is used. + * @param certNames Certificate chain, which is used to create key store. + * It cannot be null. + */ + static SSLContext createSSLContext(String[] trustNames, + String[] certNames) throws Exception { + CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); + + TrustManagerFactory tmf = null; + if (trustNames != null && trustNames.length > 0 + && !trustNames[0].equals(NONE_CERT)) { + KeyStore trustStore = KeyStore.getInstance("JKS"); + trustStore.load(null, null); + for (int i = 0; i < trustNames.length; i++) { + try (InputStream is = new ByteArrayInputStream( + loadCert(trustNames[i]).getBytes())) { + Certificate trustCert = certFactory.generateCertificate(is); + trustStore.setCertificateEntry("trustCert-" + i, trustCert); + } + } + + tmf = TrustManagerFactory.getInstance("PKIX"); + tmf.init(trustStore); + } + + Certificate[] certChain = new Certificate[certNames.length]; + for (int i = 0; i < certNames.length; i++) { + try (InputStream is = new ByteArrayInputStream( + loadCert(certNames[i]).getBytes())) { + Certificate cert = certFactory.generateCertificate(is); + certChain[i] = cert; + } + } + + PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec( + Base64.getMimeDecoder().decode(loadPrivKey(certNames[0]))); + KeyFactory keyFactory = KeyFactory.getInstance("RSA"); + PrivateKey privKey = keyFactory.generatePrivate(privKeySpec); + + KeyStore keyStore = KeyStore.getInstance("JKS"); + keyStore.load(null, null); + keyStore.setKeyEntry("keyCert", privKey, PASSWORD, certChain); + + KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509"); + kmf.init(keyStore, PASSWORD); + + SSLContext context = SSLContext.getInstance("TLS"); + context.init(kmf.getKeyManagers(), + tmf == null ? null : tmf.getTrustManagers(), null); + return context; + } + + /* + * This method sets jdk.certpath.disabledAlgorithms, and then retrieves + * and prints its value. + */ + static void setConstraint(String side, String constraint) { + System.out.printf("%s: Old %s=%s%n", side, PROP, + Security.getProperty(PROP)); + Security.setProperty(PROP, constraint); + System.out.printf("%s: New %s=%s%n", side, PROP, + Security.getProperty(PROP)); + } + + /* + * This method is used to run a variety of cases. + * It launches a server, and then takes a client to connect the server. + * Both of server and client use the same certificates. + * + * @param trustNames Trust anchors, which are used to create custom trust store. + * If null, the default trust store in JDK is used. + * @param certNames Certificate chain, which is used to create key store. + * It cannot be null. The first certificate is regarded as + * the end entity. + * @param serverConstraint jdk.certpath.disabledAlgorithms value on server side. + * @param clientConstraint jdk.certpath.disabledAlgorithms value on client side. + * @param needClientAuth If true, server side acquires client authentication; + * otherwise, false. + * @param pass If true, the connection should be blocked; otherwise, false. + */ + static void testConstraint(String[] trustNames, String[] certNames, + String serverConstraint, String clientConstraint, + boolean needClientAuth, boolean pass) throws Throwable { + String trustNameStr = trustNames == null ? "" + : String.join(DELIMITER, trustNames); + String certNameStr = certNames == null ? "" + : String.join(DELIMITER, certNames); + + System.out.printf("Case:%n" + + " trustNames=%s; certNames=%s%n" + + " serverConstraint=%s; clientConstraint=%s%n" + + " needClientAuth=%s%n" + + " pass=%s%n%n", + trustNameStr, certNameStr, + serverConstraint, clientConstraint, + needClientAuth, + pass); + setConstraint("Server", serverConstraint); + JSSEServer server = new JSSEServer( + createSSLContext(trustNames, certNames), + needClientAuth); + int port = server.getPort(); + server.start(); + + // Run client on another JVM so that its properties cannot be in conflict + // with server's. + OutputAnalyzer outputAnalyzer = ProcessTools.executeTestJvm( + "-Dcert.dir=" + CERT_DIR, + "-Djava.security.debug=certpath", + "-classpath", + TEST_CLASSES, + "JSSEClient", + port + "", + trustNameStr, + certNameStr, + clientConstraint); + int exitValue = outputAnalyzer.getExitValue(); + String clientOut = outputAnalyzer.getOutput(); + + Exception serverException = server.getException(); + if (serverException != null) { + System.out.println("Server: failed"); + } + + System.out.println("---------- Client output start ----------"); + System.out.println(clientOut); + System.out.println("---------- Client output end ----------"); + + if (serverException instanceof SocketTimeoutException + || clientOut.contains("SocketTimeoutException")) { + System.out.println("The communication gets timeout and skips the test."); + return; + } + + if (pass) { + if (serverException != null || exitValue != 0) { + throw new RuntimeException( + "Unexpected failure. Operation was blocked."); + } + } else { + if (serverException == null && exitValue == 0) { + throw new RuntimeException( + "Unexpected pass. Operation was allowed."); + } + + // The test may encounter non-SSL issues, like network problem. + if (!(serverException instanceof SSLHandshakeException + || clientOut.contains("SSLHandshakeException"))) { + throw new RuntimeException("Failure with unexpected exception."); + } + } + } + + /* + * This method is used to run a variety of cases, which don't require client + * authentication by default. + */ + static void testConstraint(String[] trustNames, String[] certNames, + String serverConstraint, String clientConstraint, boolean pass) + throws Throwable { + testConstraint(trustNames, certNames, serverConstraint, clientConstraint, + false, pass); + } + + public static void main(String[] args) throws Throwable { + switch (args[0]) { + // Case DEFAULT only checks one of default settings for + // jdk.certpath.disabledAlgorithms in JDK/conf/security/java.security. + case "DEFAULT": + checkDefaultConstraint(); + break; + + // Cases C1 and S1 use SHA256 root CA in trust store, + // and use SHA256 end entity in key store. + // C1 only sets constraint "SHA1 usage TLSServer" on client side; + // S1 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should not be blocked. + case "C1": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { "INTER_CA_SHA256-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + true); + break; + case "S1": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { "INTER_CA_SHA256-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + true); + break; + + // Cases C2 and S2 use SHA256 root CA in trust store, + // and use SHA1 end entity in key store. + // C2 only sets constraint "SHA1 usage TLSServer" on client side; + // S2 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C2": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { "INTER_CA_SHA1-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S2": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { "INTER_CA_SHA1-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C3 and S3 use SHA1 root CA in trust store, + // and use SHA1 end entity in key store. + // C3 only sets constraint "SHA1 usage TLSServer" on client side; + // S3 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C3": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { "INTER_CA_SHA1-ROOT_CA_SHA1" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S3": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { "INTER_CA_SHA1-ROOT_CA_SHA1" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C4 and S4 use SHA1 root CA as trust store, + // and use SHA256 end entity in key store. + // C4 only sets constraint "SHA1 usage TLSServer" on client side; + // S4 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should not be blocked. + case "C4": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { "INTER_CA_SHA256-ROOT_CA_SHA1" }, + NOSHA1, + TLSSERVER, + true); + break; + case "S4": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { "INTER_CA_SHA256-ROOT_CA_SHA1" }, + TLSCLIENT, + NOSHA1, + true, + true); + break; + + // Cases C5 and S5 use SHA1 root CA in trust store, + // and use SHA256 intermediate CA and SHA256 end entity in key store. + // C5 only sets constraint "SHA1 usage TLSServer" on client side; + // S5 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should not be blocked. + case "C5": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1", + "INTER_CA_SHA256-ROOT_CA_SHA1" }, + NOSHA1, + TLSSERVER, + true); + break; + case "S5": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1", + "INTER_CA_SHA256-ROOT_CA_SHA1" }, + TLSCLIENT, + NOSHA1, + true, + true); + break; + + // Cases C6 and S6 use SHA1 root CA as trust store, + // and use SHA1 intermediate CA and SHA256 end entity in key store. + // C6 only sets constraint "SHA1 usage TLSServer" on client side; + // S6 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C6": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1", + "INTER_CA_SHA1-ROOT_CA_SHA1" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S6": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1", + "INTER_CA_SHA1-ROOT_CA_SHA1" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C7 and S7 use SHA256 root CA in trust store, + // and use SHA256 intermediate CA and SHA1 end entity in key store. + // C7 only sets constraint "SHA1 usage TLSServer" on client side; + // S7 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C7": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256", + "INTER_CA_SHA256-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S7": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256", + "INTER_CA_SHA256-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C8 and S8 use SHA256 root CA in trust store, + // and use SHA1 intermediate CA and SHA256 end entity in key store. + // C8 only sets constraint "SHA1 usage TLSServer" on client side; + // S8 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C8": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256", + "INTER_CA_SHA1-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S8": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256", + "INTER_CA_SHA1-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C9 and S9 use SHA256 root CA and SHA1 intermediate CA in trust store, + // and use SHA256 end entity in key store. + // C9 only sets constraint "SHA1 usage TLSServer" on client side; + // S9 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should not be blocked. + case "C9": + testConstraint( + new String[] { + "ROOT_CA_SHA256", + "INTER_CA_SHA1-ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + true); + break; + case "S9": + testConstraint( + new String[] { + "ROOT_CA_SHA256", + "INTER_CA_SHA1-ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + true); + break; + } + + System.out.println("Case passed"); + System.out.println("========================================"); + } + + private static String loadCert(String certName) { + try { + Path certFilePath = Paths.get(CERT_DIR, certName + ".cer"); + return String.join("\n", + Files.lines(certFilePath).filter((String line) -> { + return !line.startsWith("Certificate") + && !line.startsWith(" "); + }).collect(Collectors.toList())); + } catch (IOException e) { + throw new RuntimeException("Load certificate failed", e); + } + } + + private static String loadPrivKey(String certName) { + Path priveKeyFilePath = Paths.get(CERT_DIR, certName + "-PRIV.key"); + try { + return new String(Files.readAllBytes(priveKeyFilePath)); + } catch (IOException e) { + throw new RuntimeException("Load private key failed", e); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCYQDZxHxNJV8dQ +I6mfJjuIZxAe5CX9GCrS3Fajh5DXIQwdcvQ4s6YdKzwFn+8dUdspdNTnS+bWjfYw +0iAbsMt6L6ewutaZf6aufh1EBYiwNOvN8C8Cx0iiE8NiBo833AYWHKhDC4qu63QR +dYwb9j+Jg8t6p0lQ64sFLDN/RJOcWlaPQbJbSNBKePQR7WOFvdJgFAdQmQjL+ND6 +PSui9QByyXQ+3nfs7ID4paUxYbCrJMh5/AJqaT04DYDEumfmURUn5+ZOIqmqvI2I +pNXN5gVzL3b8mM2WGr5dpRY5cZ1X//BQ91SNjrKNJlmKFr7nMCfAdzxIW4b/sArv +eYNE2Vy7AgMBAAECggEBAJNtkopFoiJiKnFypxyiJAG4cwbGu/ZxwX3/uLGPY3S9 +3oJhvxVs+IzEQdHchempSwTAyizS9cuLGfs6bbcConZF0Sa0NXvb/SZ4npQwm6St +Ci2Xx530JWQ0qPyyB1r65rXguBp8AaXR/8msPqkQ8YOSqKWzea4u96Zhn9g8Koe6 +AD/8FeSzJBDVbJ+C7jKX/7sKsHbYqulzLMQf0lqXFxpGW+5UJaozoQOWXnnmqU3T +0i4uaGUCXHbQM8eh3fvMFCU4UQMYVS1QOSvZJTnO5bSb8SqeQnCMnQ18ltq4sL43 +qFsEcmAjrlhNoBwslqvfY1bX9NtXyFZ8PuD8OvoFxPkCgYEAxlVfD2qcrAoOcbDe +Em9hDVPizRuzGuCHi9K2YLDrLVDNd6NF3Pk65JiTsd1fA2AZdi+ljKGEwBhNFOyk +qwmK2K4sYy7zvyV3Blmwvyo7+OaeexYF8RIw5keGlRsgHTGarzlQAlJu91UmyAmE +C/99fZbSWo9QndJ0FVR6G3ti71UCgYEAxITBJqVtNFnv4PGdc3FNsYXlRQcSWjs9 +/1lsppLQjC6HMsb6JpxYUF3D4oFiUESKe/9kZzl1H/65Cm2mYq8sj+7lug8P5tz7 +DQa91dFM02r8JLO6TitSuZfbc0XH0K450ntuQlKX581icYSGBUwQHGApespuNVlh +Mg7CmwNse88CgYAienrhEjaUTdc++nFQoR4tE/UslPEo7fmCXCoqWvc3VIGzl6Ww +iX8seD3MwOAglRc4DYZpETcjsdXMmmrx9OG3U2gSAfqLszai2vq38N6mIWlRmn2D +8BaiIbMKvsFxccsjRQJctPnnc10fj0/uSgcFyy9cYOex2AEoKBxmJKgJVQKBgA0c +HhaJ6qMXbN1AwRQ2dsxk9kqIkjzavuQN/yWNncP8RqCojX+N5oZV+v9dSkW4jNSA +0R3hw2KDB60ea38h2IMxmLm0z4bDLyxLSta8w7dG59M6+i7EzRv8eXNTMGVHeiwE +d/KMt/2Kwgp4oMgxrtF1yM6cOoXslINWYL0emVoZAoGAcEKzO8LgPJsIVjRFz3ri +0AQqiXQzYek2WAXYhlQCvBVn8in3MYcxKhjA3Og3Lym0xvZ+/8SbII9QNaidbgIH +HDreeJW4KE5EfVnDaYcxwK/9LXZXndIxrpR0YKNSvZT7DuuQtFCoxJcASxb1k9Tc +5MPT+pyPL+9v2q56ry56qas=
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + e8:33:78:c7:69:9c:28:c2 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:07 2017 GMT + Not After : Mar 28 04:51:07 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:98:40:36:71:1f:13:49:57:c7:50:23:a9:9f:26: + 3b:88:67:10:1e:e4:25:fd:18:2a:d2:dc:56:a3:87: + 90:d7:21:0c:1d:72:f4:38:b3:a6:1d:2b:3c:05:9f: + ef:1d:51:db:29:74:d4:e7:4b:e6:d6:8d:f6:30:d2: + 20:1b:b0:cb:7a:2f:a7:b0:ba:d6:99:7f:a6:ae:7e: + 1d:44:05:88:b0:34:eb:cd:f0:2f:02:c7:48:a2:13: + c3:62:06:8f:37:dc:06:16:1c:a8:43:0b:8a:ae:eb: + 74:11:75:8c:1b:f6:3f:89:83:cb:7a:a7:49:50:eb: + 8b:05:2c:33:7f:44:93:9c:5a:56:8f:41:b2:5b:48: + d0:4a:78:f4:11:ed:63:85:bd:d2:60:14:07:50:99: + 08:cb:f8:d0:fa:3d:2b:a2:f5:00:72:c9:74:3e:de: + 77:ec:ec:80:f8:a5:a5:31:61:b0:ab:24:c8:79:fc: + 02:6a:69:3d:38:0d:80:c4:ba:67:e6:51:15:27:e7: + e6:4e:22:a9:aa:bc:8d:88:a4:d5:cd:e6:05:73:2f: + 76:fc:98:cd:96:1a:be:5d:a5:16:39:71:9d:57:ff: + f0:50:f7:54:8d:8e:b2:8d:26:59:8a:16:be:e7:30: + 27:c0:77:3c:48:5b:86:ff:b0:0a:ef:79:83:44:d9: + 5c:bb + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:84:A1:70:1D:0A:92:D3:CC + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 22:63:2a:de:80:70:92:f7:53:e4:7f:ea:01:2b:13:b3:1b:02: + 2e:10:b4:1d:b7:33:7f:6f:0d:88:46:5a:b8:db:83:95:77:e2: + db:da:2e:31:0a:85:c6:9a:75:84:ca:73:5c:be:e3:30:22:7e: + bc:60:43:49:7c:69:06:14:4a:89:e4:23:ca:25:99:85:d6:06: + 16:d5:9e:a8:fd:25:43:88:07:12:0a:7e:de:24:33:71:ab:a4: + 23:aa:4e:dc:0f:89:ef:a9:09:89:55:a1:1d:ee:48:35:ea:10: + 42:ff:98:15:2a:e8:5c:46:e0:e4:4f:4c:b9:07:e0:da:08:6f: + ce:4a:fe:98:3e:ae:c5:e5:6a:6e:50:0f:2d:39:01:55:ed:59: + 0b:65:30:54:e8:72:26:ee:9f:cf:3f:ce:6a:20:c8:87:c9:81: + bc:f8:b3:ec:77:bb:bc:5b:8c:3f:18:fd:08:76:ad:27:59:fc: + b8:74:96:0d:cd:ed:97:91:6b:95:89:3a:f3:78:de:9f:06:a6: + ce:36:01:f0:be:ae:d8:d6:c4:3d:51:8a:2a:e0:43:59:8c:b4: + eb:63:93:9d:53:72:f8:4b:a3:c7:4a:da:2e:56:33:b6:46:1b: + 45:a8:23:1b:82:de:6d:4e:e0:18:cf:9b:ba:22:68:8b:8c:de: + 6f:08:2d:bc +-----BEGIN CERTIFICATE----- +MIID/jCCAuagAwIBAgIJAOgzeMdpnCjCMA0GCSqGSIb3DQEBBQUAMG8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMScwJQYDVQQDDB5JTlRFUl9DQV9TSEEyNTYtUk9PVF9D +QV9TSEEyNTYwHhcNMTcwMzMwMDQ1MTA3WhcNMjcwMzI4MDQ1MTA3WjB/MQswCQYD +VQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENpdHkxDDAKBgNVBAoMA09y +ZzENMAsGA1UECwwESmF2YTE3MDUGA1UEAwwuRU5EX0VOVElUWV9TSEExLUlOVEVS +X0NBX1NIQTI1Ni1ST09UX0NBX1NIQTI1NjCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAJhANnEfE0lXx1AjqZ8mO4hnEB7kJf0YKtLcVqOHkNchDB1y9Diz +ph0rPAWf7x1R2yl01OdL5taN9jDSIBuwy3ovp7C61pl/pq5+HUQFiLA0683wLwLH +SKITw2IGjzfcBhYcqEMLiq7rdBF1jBv2P4mDy3qnSVDriwUsM39Ek5xaVo9BsltI +0Ep49BHtY4W90mAUB1CZCMv40Po9K6L1AHLJdD7ed+zsgPilpTFhsKskyHn8Ampp +PTgNgMS6Z+ZRFSfn5k4iqaq8jYik1c3mBXMvdvyYzZYavl2lFjlxnVf/8FD3VI2O +so0mWYoWvucwJ8B3PEhbhv+wCu95g0TZXLsCAwEAAaOBjDCBiTB5BgNVHSMEcjBw +oWOkYTBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENpdHkx +DDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEXMBUGA1UEAwwOUk9PVF9DQV9T +SEEyNTaCCQCEoXAdCpLTzDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IB +AQAiYyregHCS91Pkf+oBKxOzGwIuELQdtzN/bw2IRlq424OVd+Lb2i4xCoXGmnWE +ynNcvuMwIn68YENJfGkGFEqJ5CPKJZmF1gYW1Z6o/SVDiAcSCn7eJDNxq6Qjqk7c +D4nvqQmJVaEd7kg16hBC/5gVKuhcRuDkT0y5B+DaCG/OSv6YPq7F5WpuUA8tOQFV +7VkLZTBU6HIm7p/PP85qIMiHyYG8+LPsd7u8W4w/GP0Idq0nWfy4dJYNze2XkWuV +iTrzeN6fBqbONgHwvq7Y1sQ9UYoq4ENZjLTrY5OdU3L4S6PHStouVjO2RhtFqCMb +gt5tTuAYz5u6ImiLjN5vCC28 +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDaYlKNTU1iQes/ +BtivvM1ixjCk1muM1RdMkJQItZB21y1kM1OLp3EmGKqVqwKbS5OTrMIxjPUwD9Ly +aRJMvSP1xve7zwmNXOngA8eukmQ2olQU58ble6IAHcj4qg7a38E1ITvDmAswhTzK +fI4Z6okLCjKfYafnfbi5JA+E6fiArB3zimjne+tiUNYZh2eYspsOOw6cmaLtIbMP +ZyXy4iP6OCNIikb08Da27zjVn04i1SeUEv1YFmn4B9GWcNLAXyM1LmCNi70+SATp +aZYRjr/BBR6LNZMBsNKJblWFXK3UtfYFiypyirgQjzPtLb1XsuMhfqMt8QZDh8n3 +YvYTW59xAgMBAAECggEAb4NPdhnoDulsL5XWZf55vhtH0ZQv/Qz+xbj57myQJS8B +Xa4b1i8dRv/Hc3+MaDIyXHEWBGle9jjOVbwzfP4D88eyzrMMxKOSRTKI72qPQ5qm +ZrpnxNzZv0d2TQvBZCBnrzKWKu1joVYX0anCghdR/VIqwVoDe+Clx9xTFGLI4yKO +7v0dkr4Hxn3NT6bTV18V6PoGbUgIsmpNYQPFyUM/IHG2ewDffLP+tm7RsEfKYmcx +Hr70pmWBpM9hwTAC+uXHuNXnsX4IjEQOXmm4PJ/A/sm2Bad93SPwi15e29MV8YbO +vvirGLaepa7AUvqoK0DFNCLU6vCeFJ7DUZ/u2P8x8QKBgQDxNOWvy3EV4/P/ocSf +itMtXZWj4driT4vUGwFZWfr3CVpZVaUmqXYeVdzNGuoWlmXOiOAuOepnlA36FCb5 +aGE4cq/hbdtbr+v6awEj5/A2me/ax1W1z6lD0pg0QJ7KvqFCBzVol5yTiWZKBVE+ +jp2waPfes770AUHczw9KKvEGtQKBgQDnxxiZAxtoNmOaB/NZmPNBKvWDw858+QX2 ++u/jEH3pW393tUnipgIoo6yvd6djhJ6/4ViOxdioMIQCBab/xuSB4lfQsrJsWvS9 +uYB794s7CV2r3kUa3ux8wAovW6Fc369nD7JjUPX/Cq3zdlyTDt9LVLRCpZ6Li1xB +r0ZVlpgPTQKBgQCgKay+X0tW6sdxHfyOp8Lz46liaa1LCuDhVZE+wHXZpXc9zJXe +JzZMjF0SQGXh27n8O30IlOJmJrRlMw5yG/I6ZkUNXkIDDryVyom2SuOBjhPrZOMv +15UgeO0h/Sqzm4M+ccTwD4Qjn1+xlPhOnqpsoja8xQPtyAvwz/jqGbtz5QKBgH01 +pSgj8Y5es3fmi6P/aInv9ynzgX0p2fsOnMEBi8Og1j+JBB0YqVni8crozNiKMGhg +CEM4xk41x1qASzMp8w/ngqEPqCu5BzXnHG3b0K9X4+6Q6KwXeZH6/IWQ7p8Jh+wZ +IrlcZ0gcMNSxQFmBU0eSvr6yUe/4nSIu2cQq0oKRAoGAUEFd0LxZw50BdCdpJlcQ ++oTbSUYQhAzPF2ybfR6i8IxXoOjVxpvRehlbwXIQV7XEqamXFTmBLIvuAlF1yWoH +hzxNJuEgPRTPztnHD6LVzvuf2ain+CFZuDrXBT2l8PyF9BNL4/DMRrbgdCxr9F0O +Ti0VJo1TRE8vVzUfVc9w1RI=
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 86:09:85:57:41:bf:86:65 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA1-ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:06 2017 GMT + Not After : Mar 28 04:51:06 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:da:62:52:8d:4d:4d:62:41:eb:3f:06:d8:af:bc: + cd:62:c6:30:a4:d6:6b:8c:d5:17:4c:90:94:08:b5: + 90:76:d7:2d:64:33:53:8b:a7:71:26:18:aa:95:ab: + 02:9b:4b:93:93:ac:c2:31:8c:f5:30:0f:d2:f2:69: + 12:4c:bd:23:f5:c6:f7:bb:cf:09:8d:5c:e9:e0:03: + c7:ae:92:64:36:a2:54:14:e7:c6:e5:7b:a2:00:1d: + c8:f8:aa:0e:da:df:c1:35:21:3b:c3:98:0b:30:85: + 3c:ca:7c:8e:19:ea:89:0b:0a:32:9f:61:a7:e7:7d: + b8:b9:24:0f:84:e9:f8:80:ac:1d:f3:8a:68:e7:7b: + eb:62:50:d6:19:87:67:98:b2:9b:0e:3b:0e:9c:99: + a2:ed:21:b3:0f:67:25:f2:e2:23:fa:38:23:48:8a: + 46:f4:f0:36:b6:ef:38:d5:9f:4e:22:d5:27:94:12: + fd:58:16:69:f8:07:d1:96:70:d2:c0:5f:23:35:2e: + 60:8d:8b:bd:3e:48:04:e9:69:96:11:8e:bf:c1:05: + 1e:8b:35:93:01:b0:d2:89:6e:55:85:5c:ad:d4:b5: + f6:05:8b:2a:72:8a:b8:10:8f:33:ed:2d:bd:57:b2: + e3:21:7e:a3:2d:f1:06:43:87:c9:f7:62:f6:13:5b: + 9f:71 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:8D:A0:D2:8A:EE:0B:CF:65 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 29:b0:10:dc:45:ee:68:77:5f:12:9b:fc:de:eb:70:41:2e:6a: + a2:5f:a9:cc:ca:97:24:01:4a:1d:c2:78:52:57:34:9c:83:7f: + 60:f5:d9:68:a2:32:89:e9:d7:25:71:72:71:e5:76:e3:37:af: + 41:25:cc:8b:a4:fd:81:ef:6b:15:2b:91:3c:68:a5:25:53:cf: + c1:b9:aa:49:b4:cd:e3:3c:a2:8e:38:ea:e8:51:7c:7b:92:41: + bd:a3:22:7d:97:59:ad:55:e2:7d:9d:6a:bb:1f:95:84:1c:50: + 00:e9:6c:74:1d:bb:6c:07:ca:bc:6a:a2:dd:c1:66:37:64:bd: + fe:1a:c0:8c:a7:8c:a1:60:b8:c3:d2:5f:92:80:ee:ad:79:29: + f2:ad:e2:9f:74:39:bf:3b:a4:b6:25:2a:87:3f:36:49:b9:52: + fd:91:33:be:1d:41:a9:76:29:47:6e:c7:db:a8:ab:6e:78:91: + c0:13:56:1c:25:41:51:a7:64:4f:07:c0:2a:a8:80:63:8d:98: + e0:54:7d:a6:f4:22:6b:70:fa:1c:16:82:f4:07:2e:e1:ba:94: + 96:ec:c7:9e:8e:0a:24:1e:a4:e9:c0:92:ca:bd:32:98:ef:1f: + e1:a6:e6:4d:1f:c5:68:1b:77:d0:e0:35:1a:a9:c9:ee:98:72: + 7b:c3:e7:51 +-----BEGIN CERTIFICATE----- +MIID9jCCAt6gAwIBAgIJAIYJhVdBv4ZlMA0GCSqGSIb3DQEBCwUAMGsxCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMSMwIQYDVQQDDBpJTlRFUl9DQV9TSEExLVJPT1RfQ0Ff +U0hBMTAeFw0xNzAzMzAwNDUxMDZaFw0yNzAzMjgwNDUxMDZaMH0xCzAJBgNVBAYT +AlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0w +CwYDVQQLDARKYXZhMTUwMwYDVQQDDCxFTkRfRU5USVRZX1NIQTI1Ni1JTlRFUl9D +QV9TSEExLVJPT1RfQ0FfU0hBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBANpiUo1NTWJB6z8G2K+8zWLGMKTWa4zVF0yQlAi1kHbXLWQzU4uncSYYqpWr +AptLk5OswjGM9TAP0vJpEky9I/XG97vPCY1c6eADx66SZDaiVBTnxuV7ogAdyPiq +DtrfwTUhO8OYCzCFPMp8jhnqiQsKMp9hp+d9uLkkD4Tp+ICsHfOKaOd762JQ1hmH +Z5iymw47DpyZou0hsw9nJfLiI/o4I0iKRvTwNrbvONWfTiLVJ5QS/VgWafgH0ZZw +0sBfIzUuYI2LvT5IBOlplhGOv8EFHos1kwGw0oluVYVcrdS19gWLKnKKuBCPM+0t +vVey4yF+oy3xBkOHyfdi9hNbn3ECAwEAAaOBijCBhzB3BgNVHSMEcDBuoWGkXzBd +MQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENpdHkxDDAKBgNV +BAoMA09yZzENMAsGA1UECwwESmF2YTEVMBMGA1UEAwwMUk9PVF9DQV9TSEExggkA +jaDSiu4Lz2UwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAKbAQ3EXu +aHdfEpv83utwQS5qol+pzMqXJAFKHcJ4Ulc0nIN/YPXZaKIyienXJXFyceV24zev +QSXMi6T9ge9rFSuRPGilJVPPwbmqSbTN4zyijjjq6FF8e5JBvaMifZdZrVXifZ1q +ux+VhBxQAOlsdB27bAfKvGqi3cFmN2S9/hrAjKeMoWC4w9JfkoDurXkp8q3in3Q5 +vzuktiUqhz82SblS/ZEzvh1BqXYpR27H26irbniRwBNWHCVBUadkTwfAKqiAY42Y +4FR9pvQia3D6HBaC9Acu4bqUluzHno4KJB6k6cCSyr0ymO8f4abmTR/FaBt30OA1 +GqnJ7phye8PnUQ== +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDaCsiXcNnu7WpV +t+FarvFhtaRr4RMQbKGhiIHi4aV0vqWmpX/eFde01eQZTZcPGJzEnjJrkyFo3Wbd +31bjBLpt40kkI7kbODHrA2L+vY/hoCQeXK8+BrGioX9qHOpD7OLI3Esm1+KDiPPK +w6qr9O9nS/fOID3zly92r+obY2ZuW6jQC0Yah3K9INrSIjH+rHXsmj2U5dCnktfi +LzRcocvqtQHASYXFXEhWr1TCMnSz7h+l07O5YgYpmhwkRIPCkcdP+9wGhO2eOJYU +kfaBteodDh7vHj2F+A6Lheosa4mi/nysyhQJl8uBFw97dqab9ul5Tb03iHmaY/q0 +xJKcEohnAgMBAAECggEBAJsa6K6yHJWWVfo8IBb+M7+qExiat5ELdb8O+DaJBcYS +iIwPVvKI3zVIokZNp5OZkotbbcqQk0ehl7dlVM2RY30gHbuTne36/6eKdTV5a4y4 ++niOviqFYH+sGpNFlnBTZtAzxVIQaJXhKmum3RYN2u/EXrdGwEsz1RO89/AbuZXu +VdtEKkjPHXrIjnBkiT4271sm3OiPwOe6g0NKBMJ4InTyB+YtpgxlXtF+vv5cv6Vt +ayT3sNsdsD8HLrenMmwv/k7nTYgNbhaJX2YCs9W7ZEscU2th6F7Cx6Z0z9h1SElC ++OKKhU6HnG/pWFMfWu80ZNjb3NTpXzTv4CLKjEYvz6ECgYEA8qEe+Ga7+XD0XwPB +bFjoKmhOQhv0VCIiu9RgvIxQn5DuGX4H2hO1GP8LYOQZBm25nICIa+DyDZEaFGgL +QgfPI4boK/rdV8syFTUNfw1Wq+W/pHhqzgUGHAnzRpX8jBQa9of14O+B7//ZFdGj +5nt0qFTOAgNGslXMvSicKD/g0mMCgYEA5g7MpMmZI8zPf/PKLBkrQegdX2TBBiI5 +3KzvQuA29tEFdVwUIuhkgQkmy1u9Ujw0jZZ8NVBOsqfg7e7XkVr6/OF+MVWBjWl3 +Jn3DMCHl/HCLIZ4ZOM6/ydIMpBX6Ii53nvpO6vxRaOUg2T2gVHadVjjQAN9Oj68r +TKUHfs4rTy0CgYB/g5QuQnfqKaYUxXmDQtqJZxYyAlUPXn1Yr85DaY75vYaVGTpx +L0hPIcNOIbLRQRt6l8aaw7cS0D6fmOrJwibn6f/dFVP8zwq8QIyeSFlTsERe4PZo +3hUO6V/UqgD3cZ2WEXB0zgtBIfpqUCpOeHWf/inivuwJz7PxegVP1fqHNwKBgA0p +CZHfqm/+1lvmcUlGg0/43D1JwTT9nju+dM1pkBtcZ6iIBOreSmmLQXnenJzorsTu +t9pA5s+XhOl3gUNiZfszVwmxb4DMaLF9/j1xovtm4L6ikaTLRvNfnbOBQlbUO6mP +fhY5KtsKSG/E87gBNQzqoRN7sr3Lcnmm8x/Q4W9dAoGAITDcOI7UgPcnKMO8JUI5 +96Po3c/S7nBilVZRFOwjn0z6jrjzNTd+1IqkzIKBWfs5WlRkzXI6LPJVghwPUqUa +q2C/3hQATD3FchEIohLfd8bj/wObaZNlKJB59a1RjxRZxuVQl3jvovvpn/hdXuJB +nGIx7MryEG/yRpfrk2DL0bI=
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 9e:f7:d7:79:1c:06:83:d5 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA1-ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:05 2017 GMT + Not After : Mar 28 04:51:05 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256-PRIV + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:da:0a:c8:97:70:d9:ee:ed:6a:55:b7:e1:5a:ae: + f1:61:b5:a4:6b:e1:13:10:6c:a1:a1:88:81:e2:e1: + a5:74:be:a5:a6:a5:7f:de:15:d7:b4:d5:e4:19:4d: + 97:0f:18:9c:c4:9e:32:6b:93:21:68:dd:66:dd:df: + 56:e3:04:ba:6d:e3:49:24:23:b9:1b:38:31:eb:03: + 62:fe:bd:8f:e1:a0:24:1e:5c:af:3e:06:b1:a2:a1: + 7f:6a:1c:ea:43:ec:e2:c8:dc:4b:26:d7:e2:83:88: + f3:ca:c3:aa:ab:f4:ef:67:4b:f7:ce:20:3d:f3:97: + 2f:76:af:ea:1b:63:66:6e:5b:a8:d0:0b:46:1a:87: + 72:bd:20:da:d2:22:31:fe:ac:75:ec:9a:3d:94:e5: + d0:a7:92:d7:e2:2f:34:5c:a1:cb:ea:b5:01:c0:49: + 85:c5:5c:48:56:af:54:c2:32:74:b3:ee:1f:a5:d3: + b3:b9:62:06:29:9a:1c:24:44:83:c2:91:c7:4f:fb: + dc:06:84:ed:9e:38:96:14:91:f6:81:b5:ea:1d:0e: + 1e:ef:1e:3d:85:f8:0e:8b:85:ea:2c:6b:89:a2:fe: + 7c:ac:ca:14:09:97:cb:81:17:0f:7b:76:a6:9b:f6: + e9:79:4d:bd:37:88:79:9a:63:fa:b4:c4:92:9c:12: + 88:67 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:84:A1:70:1D:0A:92:D3:CD + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 89:84:ce:6d:80:83:e7:19:80:21:a5:d3:79:ac:c4:2f:5c:5f: + 47:f1:1c:e7:40:2a:57:ec:76:01:a9:10:b6:a2:2b:1b:02:ac: + f7:46:b1:67:b3:36:0f:fa:f0:a3:40:c2:5a:38:00:67:a9:9d: + e8:59:be:2f:5b:d0:c6:6c:20:90:c0:3b:6b:af:75:8c:93:ac: + 5a:1e:8b:66:2c:79:0b:6d:9d:0d:d3:68:b5:b6:df:d6:04:6b: + 24:f7:5a:b9:f0:18:08:81:b1:50:1c:ac:1b:7a:b7:b8:d8:8e: + 6f:15:78:7e:23:5f:41:5c:df:76:09:1a:67:36:15:35:6a:77: + 36:09:19:50:12:6d:60:20:c1:7a:36:cb:4c:ee:a8:d7:b7:c7: + 29:26:31:04:0a:44:48:25:be:dd:00:92:ea:8c:00:ee:b4:eb: + 52:4a:da:47:97:d7:42:df:dd:7d:17:de:e3:a1:14:49:3b:2d: + aa:ac:e7:83:0f:c0:2d:3f:31:c5:af:bb:b1:1e:53:d1:a7:13: + 55:e3:25:f6:67:95:a1:75:e9:b8:a1:81:eb:d0:de:8a:a3:af: + 78:dc:d0:39:d0:e7:d6:61:9e:39:7b:8b:f9:ee:44:48:78:92: + e7:22:fa:9c:a4:d0:6b:2b:89:0a:fa:78:3d:7a:af:44:91:e5: + 8a:40:2f:10 +-----BEGIN CERTIFICATE----- +MIIEAjCCAuqgAwIBAgIJAJ7313kcBoPVMA0GCSqGSIb3DQEBCwUAMG0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMSUwIwYDVQQDDBxJTlRFUl9DQV9TSEExLVJPT1RfQ0Ff +U0hBMjU2MB4XDTE3MDMzMDA0NTEwNVoXDTI3MDMyODA0NTEwNVowgYQxCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMTwwOgYDVQQDDDNFTkRfRU5USVRZX1NIQTI1Ni1JTlRF +Ul9DQV9TSEExLVJPT1RfQ0FfU0hBMjU2LVBSSVYwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQDaCsiXcNnu7WpVt+FarvFhtaRr4RMQbKGhiIHi4aV0vqWm +pX/eFde01eQZTZcPGJzEnjJrkyFo3Wbd31bjBLpt40kkI7kbODHrA2L+vY/hoCQe +XK8+BrGioX9qHOpD7OLI3Esm1+KDiPPKw6qr9O9nS/fOID3zly92r+obY2ZuW6jQ +C0Yah3K9INrSIjH+rHXsmj2U5dCnktfiLzRcocvqtQHASYXFXEhWr1TCMnSz7h+l +07O5YgYpmhwkRIPCkcdP+9wGhO2eOJYUkfaBteodDh7vHj2F+A6Lheosa4mi/nys +yhQJl8uBFw97dqab9ul5Tb03iHmaY/q0xJKcEohnAgMBAAGjgYwwgYkweQYDVR0j +BHIwcKFjpGEwXzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYDVQQHDARD +aXR5MQwwCgYDVQQKDANPcmcxDTALBgNVBAsMBEphdmExFzAVBgNVBAMMDlJPT1Rf +Q0FfU0hBMjU2ggkAhKFwHQqS080wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsF +AAOCAQEAiYTObYCD5xmAIaXTeazEL1xfR/Ec50AqV+x2AakQtqIrGwKs90axZ7M2 +D/rwo0DCWjgAZ6md6Fm+L1vQxmwgkMA7a691jJOsWh6LZix5C22dDdNotbbf1gRr +JPdaufAYCIGxUBysG3q3uNiObxV4fiNfQVzfdgkaZzYVNWp3NgkZUBJtYCDBejbL +TO6o17fHKSYxBApESCW+3QCS6owA7rTrUkraR5fXQt/dfRfe46EUSTstqqzngw/A +LT8xxa+7sR5T0acTVeMl9meVoXXpuKGB69DeiqOveNzQOdDn1mGeOXuL+e5ESHiS +5yL6nKTQayuJCvp4PXqvRJHlikAvEA== +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHC0ieOFNTJjP+ +HMlFQ/w50Hx/+FYh9z9w3i08dVvi8oEhGUop7fvsqEyuAj3U/BYG87Wsv27wfa9l +qSJRSgqUT3yI4jsMY/ozUInuKpp/yL97abyZVDUZc3diDZqryA/Qur8HNVLyA2hD +DA9x8Ioeu5EDFl7AeqV3jx+A8fbulwVeCa29GByVkWRUEVF/48a1jpazBf2YQvrm +5ElWoG8fuMrz6vgj+gYZYb1GPXmJQrtAIRp4Z1/AquPS4A/O21DnPLEM8WSw+rSC +KGGKMqefJw74zeVyPlOiOmjFTeNfeVDViQrDgU++CTDjFa8XhweU6v+MtY5Mmzmf +2AETGyd9AgMBAAECggEANCdMu8hebOcRsH+ybSfHKw7p0E4to3C5esV8bN8DWI/a +LeYGfL4SyIvAq8eClBAJZYDuFXmDhBgqoSSUDWCtLPc21lcQycpYgKGVwoX/PYRI +R/oIpNRfpW+P1G1kHaaqHjMQYr8iIK+r3gWG9n/kcPEMqhZudVitiopB4vODlDgf +OI0goNWwYOPzoBkJSBbgfYC7vSz0dg+j9ooYPDnyUnHjykhu95mkmBHYc/MVMP8s +ntFB5pgtWuLQATZImW4A1dtZiqCsF6APvJIQASxVq+wv3dwhejF9xMZR96QchVZJ +QvPOcH76njIH4fThb0e46Dn54+KBpCnveSnDtAz5sQKBgQD2u6gWOK/Z4VqGlff1 +diLqzesdalCJhydKzOGRzRiJeW4E4MhEpUjIo44zPGkQ64zq6nefqIltdiaE7T9C +Fnyu/+vd0zE1v3Ipgv0wD3NgTj3gGrBwl2gkY5sfSbCR+8vS/DhRU+s3KN45m3s4 +XfM27Uw/Zh/DFIe7jmGezfe/3wKBgQDOhRjDfxDDLCEXw4QFQb7Sp/43EGfoTd8h +m700T/QXUTGx6qRhzHF9mUVea7FT+3I6CEqYNnZtFlYsJlq1g457rnvUJnTjJZb7 +wFl1h+u4u3IKo/lUUh2vD89PPOkMUF/uamJLh5jK7KNkOjwEDN2yPkRgaedY++nv +NBcUPpGUIwKBgEkFmOWauVC+hVA3qj8XS5Y6g08dW+CYA2T75faEwLJPIeSHsj2+ +vR/EaB15z46WaApOgkDaXHHs+dF1dbdVeGlCjMgF7RZ/JoZqogxLRlZGUcG1pGpu +JQBACnTkFkHeR6CVzQUk1QRqL/rUrU8tXwHukRZiXxwZQ2Ka7QFW6+/5AoGAHGem +Dk2NyqppKtGTeP2f921vw7cX85WyWPcIwQc2NXbPdP8m+OSbv4CzT9dUHo75GQ5G +5ESpaTunQo9L7qdXk59eHMHlVdC3wYylQUsemtv9RYVkJ7rbplZwVx+zliP/7dTo +DCdsVozRtFlmI9B5Najm0rP+Q/jyJhpuCjTI5S0CgYEAsYcmFZZotwOyT4oJ/1Fu +BtSOsoxnCa1vPJTVXEoX3F28ZUP4X0iWgGDO1e3aoWWYxWusf1fUj9BWbVnbtJfb +gJ5JtQTAuMvmjCwFRWcBUytdxTUsWFbuDc5fw7DMW7YqjkCCISkd6Q8JyaFsJPy1 +7uFzumBnFtZGUIo2w4l8yrQ=
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 9e:b3:99:30:15:24:2c:69 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:06 2017 GMT + Not After : Mar 28 04:51:06 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c7:0b:48:9e:38:53:53:26:33:fe:1c:c9:45:43: + fc:39:d0:7c:7f:f8:56:21:f7:3f:70:de:2d:3c:75: + 5b:e2:f2:81:21:19:4a:29:ed:fb:ec:a8:4c:ae:02: + 3d:d4:fc:16:06:f3:b5:ac:bf:6e:f0:7d:af:65:a9: + 22:51:4a:0a:94:4f:7c:88:e2:3b:0c:63:fa:33:50: + 89:ee:2a:9a:7f:c8:bf:7b:69:bc:99:54:35:19:73: + 77:62:0d:9a:ab:c8:0f:d0:ba:bf:07:35:52:f2:03: + 68:43:0c:0f:71:f0:8a:1e:bb:91:03:16:5e:c0:7a: + a5:77:8f:1f:80:f1:f6:ee:97:05:5e:09:ad:bd:18: + 1c:95:91:64:54:11:51:7f:e3:c6:b5:8e:96:b3:05: + fd:98:42:fa:e6:e4:49:56:a0:6f:1f:b8:ca:f3:ea: + f8:23:fa:06:19:61:bd:46:3d:79:89:42:bb:40:21: + 1a:78:67:5f:c0:aa:e3:d2:e0:0f:ce:db:50:e7:3c: + b1:0c:f1:64:b0:fa:b4:82:28:61:8a:32:a7:9f:27: + 0e:f8:cd:e5:72:3e:53:a2:3a:68:c5:4d:e3:5f:79: + 50:d5:89:0a:c3:81:4f:be:09:30:e3:15:af:17:87: + 07:94:ea:ff:8c:b5:8e:4c:9b:39:9f:d8:01:13:1b: + 27:7d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:8D:A0:D2:8A:EE:0B:CF:64 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 2b:43:e4:c1:37:36:00:a3:ed:25:15:c7:9f:6b:25:0e:24:cd: + 1c:e8:d2:8c:a6:11:05:a9:2b:b5:dc:7b:fd:55:8e:be:1d:15: + d7:8b:a8:a6:44:cf:03:ba:ba:78:74:26:b9:19:11:c0:03:9b: + 4d:2f:f9:f7:ea:da:a3:2f:82:f9:9e:d0:77:d6:bf:eb:fd:57: + c8:eb:03:54:0a:0c:2b:36:0c:e5:99:b7:93:4d:a9:9d:e9:50: + 80:66:4e:73:c1:bd:83:13:09:ee:b9:01:62:ed:90:0e:4f:ff: + 9d:92:f3:cd:db:1f:ba:da:fc:67:9d:cb:a0:09:99:8b:3e:ea: + 9d:61:55:ac:6f:fb:11:5c:c0:fe:fb:ff:5b:15:7d:a7:c1:aa: + 3a:cd:30:43:35:ea:44:8a:21:ae:9f:af:bc:5c:ae:3a:01:2c: + 3b:eb:b6:8c:6a:e1:1c:4e:55:0a:84:5b:f8:68:71:aa:97:02: + 9b:5d:c4:c9:42:df:19:91:28:4a:12:35:8d:2e:3d:10:ec:35: + 8a:b1:d7:e0:e2:a6:f9:f6:47:4b:17:75:84:8e:2d:66:e8:74: + be:d6:27:6b:a2:28:23:26:41:70:92:c2:7c:50:e2:81:c9:e0: + 10:84:5d:87:4f:db:93:ce:dd:09:d2:48:63:3d:53:66:31:64: + 5a:13:b5:a6 +-----BEGIN CERTIFICATE----- +MIID+jCCAuKgAwIBAgIJAJ6zmTAVJCxpMA0GCSqGSIb3DQEBCwUAMG0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMSUwIwYDVQQDDBxJTlRFUl9DQV9TSEEyNTYtUk9PVF9D +QV9TSEExMB4XDTE3MDMzMDA0NTEwNloXDTI3MDMyODA0NTEwNlowfzELMAkGA1UE +BhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYDVQQHDARDaXR5MQwwCgYDVQQKDANPcmcx +DTALBgNVBAsMBEphdmExNzA1BgNVBAMMLkVORF9FTlRJVFlfU0hBMjU2LUlOVEVS +X0NBX1NIQTI1Ni1ST09UX0NBX1NIQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDHC0ieOFNTJjP+HMlFQ/w50Hx/+FYh9z9w3i08dVvi8oEhGUop7fvs +qEyuAj3U/BYG87Wsv27wfa9lqSJRSgqUT3yI4jsMY/ozUInuKpp/yL97abyZVDUZ +c3diDZqryA/Qur8HNVLyA2hDDA9x8Ioeu5EDFl7AeqV3jx+A8fbulwVeCa29GByV +kWRUEVF/48a1jpazBf2YQvrm5ElWoG8fuMrz6vgj+gYZYb1GPXmJQrtAIRp4Z1/A +quPS4A/O21DnPLEM8WSw+rSCKGGKMqefJw74zeVyPlOiOmjFTeNfeVDViQrDgU++ +CTDjFa8XhweU6v+MtY5Mmzmf2AETGyd9AgMBAAGjgYowgYcwdwYDVR0jBHAwbqFh +pF8wXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYDVQQHDARDaXR5MQww +CgYDVQQKDANPcmcxDTALBgNVBAsMBEphdmExFTATBgNVBAMMDFJPT1RfQ0FfU0hB +MYIJAI2g0oruC89kMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBACtD +5ME3NgCj7SUVx59rJQ4kzRzo0oymEQWpK7Xce/1Vjr4dFdeLqKZEzwO6unh0JrkZ +EcADm00v+ffq2qMvgvme0HfWv+v9V8jrA1QKDCs2DOWZt5NNqZ3pUIBmTnPBvYMT +Ce65AWLtkA5P/52S883bH7ra/Gedy6AJmYs+6p1hVaxv+xFcwP77/1sVfafBqjrN +MEM16kSKIa6fr7xcrjoBLDvrtoxq4RxOVQqEW/hocaqXAptdxMlC3xmRKEoSNY0u +PRDsNYqx1+Dipvn2R0sXdYSOLWbodL7WJ2uiKCMmQXCSwnxQ4oHJ4BCEXYdP25PO +3QnSSGM9U2YxZFoTtaY= +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDuH2+6I/ytoLeW +AG3J0xMQafYmxYDZNaDjiWBl7TGpL4TjRY84FuHI/G8ib0VY9DKtyUixm7qZev+b +ExrfQGk9ZV7Dn41uBvmGcUMSqwb0QV/5/hneP7/3EXhoWjsCFUe0r0zOgCM7O9+F +jUlSuxEHyaFE09PxWGVZpU4Yu71PeoI/JJGITV81o2Fst7Urz65NE5OWrvbO+pfD +EiRvjLv/uil7znYV28lCbH7U1K8q5nGVtnpgTguhGL6/N3lIgvxoBtoXEQwdMV59 +APsH8anA19rHn5h/ZmknryxAs0c6Rg9Plo30MonIU/eAVZwNw8TczD276Rc02xnW +RmbmxToRAgMBAAECggEAbK3OWV9JWJlMkNqbQQzj247w+FsV5ozSZGbzpzFtg/Eb +Lns11XykCg4kTswIE4RIiQaf9efEb34yoL1Ee3YzUgEtEg2FCB2IzvJskV2ba+lW +e4uclNH1tDa2BLKB0f6SXoXPgUP8UHGQH60PNQIJ0MsWnoorZjBY+WQ305QD3/yB +fMonkjpWN+ZNTY8Y3vA2SsS4EoY0Ndy2FpmWPwKKMCcqXw6xzVjKvq+jpFfsGpcj +i3MlKsCG5koreWrXdyt28CVOc6eMW5rsJfAHRw+OSn7PdLaGyZCUUsFXCjG0Vq2G +YwuMfTJprrZk+lbi3XUXWk7XUEURB7Q4lIBxAcskAQKBgQD8pVj0OIsVHAGjQQ7C +ZAnxFlON7XX3fgPdLtil9c+a1GlcPA2K52fBp8YlKlAS4bmZIQHbbkEBjh8KfG1P +x7zBHoUXV8ruo/axzRPoeBVQat5NQKcKnlITrqdf8J3a+8iMxpMpd53h97HGiayq +W04ZQNf7wjXvR+pJVluTEaoVUQKBgQDxSLruMmCsYvD+sipaQ3rBEMIAI3kc7ctl +fEnipEk5wtPkKKldw+rvbh/AwY2i2JMUDcW92hkB5vCvbcKmCEkEO3FbawNkJnJi +qfwbvHP/fGThMV3gbWWF3GZvBKY2+toSa2rwoR5kYTT1e4+byk38NAp/HAItFHIT +DgAgMy6owQKBgQCjd8jKnBtBmVFl9B48oMXd+/gsCM0fSaXuYvVCzH17TJyvVRve +GEQGBSwrt+j/jpWsArNU602cV/y1qDSCPlZfDgRHSkK/jc9805hh/fCsi7kyevaZ +5D5vBb6+UM2Sdv8YNxPY7NB2+PFJ6KKTx2gM5uvYtZx4KivpL7souXE3QQKBgDxg +FZ5q7rPUIjepP13MyteqqNC+D51Eh4PCgP58W3JfpQPPhOnYj14QMVPbWuSnys3W +0Gc8PsuyDQHoti8znYm4khntAjE6SZ8Up+gM1P3WE6wh3Tq+RQwk5WDcSfcx+AVp +6Z2Cw4ccp9LRc1LpYXA9WW8LBCRhnFXWSAPGquNBAoGAdCsvFzSipQ5qxWPlClRM +lKqDdQheRl9IKCuImXZAvdX952VhmP7QV5PUwLV/CkVquvSdRSshrMO/fqFjfkjr +puajXghFXa+YppQW42tPYBmKDnNVgxW5d5sC62AYaykh2iNw3v4BJyN+MMmkSf0M +4/mKvs5m8N2OkOpY6r2wCp8=
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + e8:33:78:c7:69:9c:28:c1 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:04 2017 GMT + Not After : Mar 28 04:51:04 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ee:1f:6f:ba:23:fc:ad:a0:b7:96:00:6d:c9:d3: + 13:10:69:f6:26:c5:80:d9:35:a0:e3:89:60:65:ed: + 31:a9:2f:84:e3:45:8f:38:16:e1:c8:fc:6f:22:6f: + 45:58:f4:32:ad:c9:48:b1:9b:ba:99:7a:ff:9b:13: + 1a:df:40:69:3d:65:5e:c3:9f:8d:6e:06:f9:86:71: + 43:12:ab:06:f4:41:5f:f9:fe:19:de:3f:bf:f7:11: + 78:68:5a:3b:02:15:47:b4:af:4c:ce:80:23:3b:3b: + df:85:8d:49:52:bb:11:07:c9:a1:44:d3:d3:f1:58: + 65:59:a5:4e:18:bb:bd:4f:7a:82:3f:24:91:88:4d: + 5f:35:a3:61:6c:b7:b5:2b:cf:ae:4d:13:93:96:ae: + f6:ce:fa:97:c3:12:24:6f:8c:bb:ff:ba:29:7b:ce: + 76:15:db:c9:42:6c:7e:d4:d4:af:2a:e6:71:95:b6: + 7a:60:4e:0b:a1:18:be:bf:37:79:48:82:fc:68:06: + da:17:11:0c:1d:31:5e:7d:00:fb:07:f1:a9:c0:d7: + da:c7:9f:98:7f:66:69:27:af:2c:40:b3:47:3a:46: + 0f:4f:96:8d:f4:32:89:c8:53:f7:80:55:9c:0d:c3: + c4:dc:cc:3d:bb:e9:17:34:db:19:d6:46:66:e6:c5: + 3a:11 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:84:A1:70:1D:0A:92:D3:CC + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 1d:1a:87:7d:11:0e:cc:cd:7f:6c:ed:21:1a:2c:35:de:09:b8: + c4:cf:0c:31:00:3d:f5:bd:d4:6e:f0:4f:7e:c2:8d:d6:c5:28: + ed:38:9d:d7:52:32:e2:8d:7b:64:c8:1d:4e:69:7e:49:5f:e1: + 5e:04:c7:d3:96:d2:63:ef:2c:35:4f:eb:08:2b:9d:b0:15:df: + 33:d8:1c:59:8e:bb:f1:28:4f:f0:85:bb:3c:56:e1:86:a4:75: + 2b:44:8a:1c:98:ae:94:f3:b6:76:a9:a3:e7:d6:bc:58:ef:fe: + 32:11:6f:76:5b:85:f8:14:91:83:2c:b6:20:a5:48:48:8b:6e: + ee:a8:6c:2b:12:18:94:3e:59:5e:a6:66:53:dc:40:b2:da:fd: + a4:5f:16:35:b6:20:2b:31:86:9b:91:55:b2:35:63:d2:47:bd: + 91:7e:43:bc:d6:0e:dc:95:1a:f0:8d:08:e5:66:cd:d1:0b:32: + d6:92:26:3e:78:e8:70:74:e1:14:64:b0:39:5d:7c:d0:28:23: + c7:83:53:02:90:fe:fc:9e:aa:9a:fb:c4:ef:9d:d5:22:f6:c1: + fd:e4:07:04:25:4f:8f:b2:13:6f:0d:51:cc:54:b4:38:d3:ac: + 31:aa:94:c5:d0:c8:5a:58:35:13:87:3e:f6:74:26:8c:2b:7d: + 6c:8e:36:a5 +-----BEGIN CERTIFICATE----- +MIIEATCCAumgAwIBAgIJAOgzeMdpnCjBMA0GCSqGSIb3DQEBCwUAMG8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMScwJQYDVQQDDB5JTlRFUl9DQV9TSEEyNTYtUk9PVF9D +QV9TSEEyNTYwHhcNMTcwMzMwMDQ1MTA0WhcNMjcwMzI4MDQ1MTA0WjCBgTELMAkG +A1UEBhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYDVQQHDARDaXR5MQwwCgYDVQQKDANP +cmcxDTALBgNVBAsMBEphdmExOTA3BgNVBAMMMEVORF9FTlRJVFlfU0hBMjU2LUlO +VEVSX0NBX1NIQTI1Ni1ST09UX0NBX1NIQTI1NjCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAO4fb7oj/K2gt5YAbcnTExBp9ibFgNk1oOOJYGXtMakvhONF +jzgW4cj8byJvRVj0Mq3JSLGbupl6/5sTGt9AaT1lXsOfjW4G+YZxQxKrBvRBX/n+ +Gd4/v/cReGhaOwIVR7SvTM6AIzs734WNSVK7EQfJoUTT0/FYZVmlThi7vU96gj8k +kYhNXzWjYWy3tSvPrk0Tk5au9s76l8MSJG+Mu/+6KXvOdhXbyUJsftTUryrmcZW2 +emBOC6EYvr83eUiC/GgG2hcRDB0xXn0A+wfxqcDX2sefmH9maSevLECzRzpGD0+W +jfQyichT94BVnA3DxNzMPbvpFzTbGdZGZubFOhECAwEAAaOBjDCBiTB5BgNVHSME +cjBwoWOkYTBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENp +dHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEXMBUGA1UEAwwOUk9PVF9D +QV9TSEEyNTaCCQCEoXAdCpLTzDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA +A4IBAQAdGod9EQ7MzX9s7SEaLDXeCbjEzwwxAD31vdRu8E9+wo3WxSjtOJ3XUjLi +jXtkyB1OaX5JX+FeBMfTltJj7yw1T+sIK52wFd8z2BxZjrvxKE/whbs8VuGGpHUr +RIocmK6U87Z2qaPn1rxY7/4yEW92W4X4FJGDLLYgpUhIi27uqGwrEhiUPllepmZT +3ECy2v2kXxY1tiArMYabkVWyNWPSR72RfkO81g7clRrwjQjlZs3RCzLWkiY+eOhw +dOEUZLA5XXzQKCPHg1MCkP78nqqa+8TvndUi9sH95AcEJU+PshNvDVHMVLQ406wx +qpTF0MhaWDUThz72dCaMK31sjjal +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA1-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDX1pPNXGpnPQNc +x9ReXrjbcHkIoyXcdXbhO0TnUBV5aGJTEn5/meDsK76Y2KDVyU/EO2jXpaQ5QiGn +UzY6vKIn6boqTov4NLYwBsVPdAG/xZyr5q7p6bnJ8WRj40A2JeOeZ3FMglRtBCNg +rYeEC4MDp2F41OVxsJZ4huodq94arqhD/hjE40g06UNa0I+/2dIpI2cSamIC5b3L +/DK3ol+gIw/OOxMCgzAUSjeH6nTrrW1hUeSKx0NPGWRLWzLQ2yxhYcXlsedNuKHo +ux/p3EkGXoGPajK7s7IlKj9CPQYwlQez37jCLJGovArqTr/8hxfrKMdZOl5bp+6H +6uWh6af7AgMBAAECggEAXrUsM79qfRR7pjmVCTe9G6T1pwGXum3clSYhrPIqChTw +mA0Ubr9Bv7/OKVlc8ZIdKzj6Xy2yquFGzRopQIrHCIZ5htjieC4BB3/hEmUP42s9 +vPxDIibJvD/s0hvEcD4d68LuJylFDHT1ZRWf0iQPAApxLckVSNa4n/hrQEvK8J+G +HIH8VATq9iHp/GQmmFB8b3ubqn46zDGqly14+TGP2KtVJlY9FuCpvmtZZZjJ+K09 +vYM+BATwje6N6PqX5a3Z+NFC1NK9CmC+U6ECJ27uhySn8kvlU/i/SOAnrPftByO7 +g7K8p2Qzq1LlVIUU/JTidNZGXTaTMOVg8eHLmyt92QKBgQD9a94rLqk9BUtVsTYa +AImt+KbUMB+Zi83cYDiCfNBkfIYw4dVUFJecmqZwg7IeqNwuSmXP41fASOvDel/L +8bOj/rPccVSG9pmU0ir5WK9n8zobogfAzvaFr8cmo+TVv0FOZZA8e/+UfVsiKAsW +3nwhwxN8ieILU1dtaNV1IfnAPwKBgQDaCM9URf+DFILI2WpuzKpk1loF6HrlklIn ++N0IFFcalqUpC8GhXTw7suypRBCZ+cp32h7WEcN9aHLMrnkDQP3bGTv53pJT5N9k +7nk9Bfrk0CJCxeMRKwtuMhLkOmT0eh2aB1lWR0owA5b1Gjtiz5kTW7NN2+paJCDz +SiDLVoFpRQKBgQCHvt0N4nuy/QACkd86BGm7b8LlTDXRCMsnrb73XqY9/VngG0gr +NrCTqV9YS6MAu1Dd1uo8djnN/QGU/xsLYpfoU4nCnk450SQpTH7Ke8/Rbb8FiECA +7hutNqAFuardOApiVRLy4zTfNFq5rBtsj5aMezMX9b/Ic0cUiyA0ExP1/wKBgQCp +SDvI34wRdqRQUtWa7xbAsdg1TBnXEjLtTAA4nKpAP4Q+CR2uLlhstW+fv/PvyIwV +X+mfJS2VubmgBzp3d0dhjAcP6mnL7yAvGiRRZ8ozSxG+rCuvEa+PQBuAzYHCeulu +xJPtM+56tt7GsDY5cpsT95eQNNWQZQqcOgqaNTDGzQKBgCmMwRP1HN0qUSSVO1d8 +8N17OoZe5yntppEjesYQrLf4AEgPS3Qj8dv0qfe3z1B0gAKlG9+OR8cUBCMGVyum +b51SiSi3LSm1VeuMfT7JDMSxTkbaI5CY7v+/5yCRFqikgBtCkHM9m4K95d3dVDO8 +JGrlKiKVIbu5LnQZMkPHRIEX
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA1.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 8d:a0:d2:8a:ee:0b:cf:65 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:04 2017 GMT + Not After : Mar 28 04:51:04 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA1-ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:d7:d6:93:cd:5c:6a:67:3d:03:5c:c7:d4:5e:5e: + b8:db:70:79:08:a3:25:dc:75:76:e1:3b:44:e7:50: + 15:79:68:62:53:12:7e:7f:99:e0:ec:2b:be:98:d8: + a0:d5:c9:4f:c4:3b:68:d7:a5:a4:39:42:21:a7:53: + 36:3a:bc:a2:27:e9:ba:2a:4e:8b:f8:34:b6:30:06: + c5:4f:74:01:bf:c5:9c:ab:e6:ae:e9:e9:b9:c9:f1: + 64:63:e3:40:36:25:e3:9e:67:71:4c:82:54:6d:04: + 23:60:ad:87:84:0b:83:03:a7:61:78:d4:e5:71:b0: + 96:78:86:ea:1d:ab:de:1a:ae:a8:43:fe:18:c4:e3: + 48:34:e9:43:5a:d0:8f:bf:d9:d2:29:23:67:12:6a: + 62:02:e5:bd:cb:fc:32:b7:a2:5f:a0:23:0f:ce:3b: + 13:02:83:30:14:4a:37:87:ea:74:eb:ad:6d:61:51: + e4:8a:c7:43:4f:19:64:4b:5b:32:d0:db:2c:61:61: + c5:e5:b1:e7:4d:b8:a1:e8:bb:1f:e9:dc:49:06:5e: + 81:8f:6a:32:bb:b3:b2:25:2a:3f:42:3d:06:30:95: + 07:b3:df:b8:c2:2c:91:a8:bc:0a:ea:4e:bf:fc:87: + 17:eb:28:c7:59:3a:5e:5b:a7:ee:87:ea:e5:a1:e9: + a7:fb + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:F1:3B:B7:FB:28:3F:52:09 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + d3:ce:da:23:e1:7c:73:fb:7f:26:d7:a4:3c:7b:17:01:75:ce: + a5:bd:75:f1:65:1b:56:27:ae:f8:97:a6:c4:ca:94:93:c9:12: + bb:c7:ec:2b:d5:38:d5:43:3a:6c:c2:51:3a:79:2f:d7:4e:da: + 2d:12:1f:b8:c2:4f:c8:ba:33:d3:f5:0c:78:cc:26:69:24:47: + 3f:ed:17:a0:7f:d0:20:fe:11:ca:75:50:1a:61:e1:91:b5:fa: + 91:04:e9:14:59:77:d4:29:0f:43:19:e0:dc:dd:a6:18:14:f4: + 33:3e:f0:cb:36:7b:18:04:03:dd:be:35:41:c4:3e:65:d2:67: + 44:73:ab:7f:d1:b9:26:7e:b3:1e:d0:e4:a4:52:83:60:a9:e6: + e1:bf:62:bb:9b:16:0c:97:ad:11:1a:2f:eb:92:ca:7e:98:15: + 46:23:59:5d:26:d9:ec:57:85:51:5b:09:f1:9b:1b:d3:5d:53: + 02:67:1a:e4:24:49:67:87:04:75:66:13:56:1b:8b:a1:08:de: + c8:4b:f8:87:73:6e:c2:31:ee:f6:32:14:45:32:a3:3f:e4:b1: + 0f:23:28:29:b4:a3:86:65:4f:2e:57:ad:8f:44:77:f8:4b:ea: + 7b:9d:8e:dc:cb:07:ee:b4:78:46:db:cd:12:eb:ad:ef:9b:8f: + 22:ba:83:7b +-----BEGIN CERTIFICATE----- +MIID1jCCAr6gAwIBAgIJAI2g0oruC89lMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRUwEwYDVQQDDAxST09UX0NBX1NIQTEwHhcNMTcwMzMw +MDQ1MTA0WhcNMjcwMzI4MDQ1MTA0WjBrMQswCQYDVQQGEwJVUzELMAkGA1UECAwC +Q0ExDTALBgNVBAcMBENpdHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEj +MCEGA1UEAwwaSU5URVJfQ0FfU0hBMS1ST09UX0NBX1NIQTEwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDX1pPNXGpnPQNcx9ReXrjbcHkIoyXcdXbhO0Tn +UBV5aGJTEn5/meDsK76Y2KDVyU/EO2jXpaQ5QiGnUzY6vKIn6boqTov4NLYwBsVP +dAG/xZyr5q7p6bnJ8WRj40A2JeOeZ3FMglRtBCNgrYeEC4MDp2F41OVxsJZ4huod +q94arqhD/hjE40g06UNa0I+/2dIpI2cSamIC5b3L/DK3ol+gIw/OOxMCgzAUSjeH +6nTrrW1hUeSKx0NPGWRLWzLQ2yxhYcXlsedNuKHoux/p3EkGXoGPajK7s7IlKj9C +PQYwlQez37jCLJGovArqTr/8hxfrKMdZOl5bp+6H6uWh6af7AgMBAAGjgYowgYcw +dwYDVR0jBHAwbqFhpF8wXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYD +VQQHDARDaXR5MQwwCgYDVQQKDANPcmcxDTALBgNVBAsMBEphdmExFTATBgNVBAMM +DFJPT1RfQ0FfU0hBMYIJAPE7t/soP1IJMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN +AQEFBQADggEBANPO2iPhfHP7fybXpDx7FwF1zqW9dfFlG1YnrviXpsTKlJPJErvH +7CvVONVDOmzCUTp5L9dO2i0SH7jCT8i6M9P1DHjMJmkkRz/tF6B/0CD+Ecp1UBph +4ZG1+pEE6RRZd9QpD0MZ4NzdphgU9DM+8Ms2exgEA92+NUHEPmXSZ0Rzq3/RuSZ+ +sx7Q5KRSg2Cp5uG/YrubFgyXrREaL+uSyn6YFUYjWV0m2exXhVFbCfGbG9NdUwJn +GuQkSWeHBHVmE1Ybi6EI3shL+IdzbsIx7vYyFEUyoz/ksQ8jKCm0o4ZlTy5XrY9E +d/hL6nudjtzLB+60eEbbzRLrre+bjyK6g3s= +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA256-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDWN68vV57EPqPZ +Dtvi2+NI4tfxUgkaWJXbqrLKuAJC8bff9edZpMXGAyqMpDDr7MAjs/3TDYpVaWYN +Id5iwqamImbBLYf/K0LOkaX6+TyogaqwwdNVryR5eYcGXEiJY1MJ2mgzCNeGJ091 +4qwll3xkjAFolB6o9QoIbLB3cctl0vw6oAoi3TKWQxJ+UI6/uBotX5eQ9z1b/MDs +6PNXHB22jYAj4tOePMZxq7AVCwTFpWbHK8j5ftXxpVoU5ECNHfIAHLprJqc/lKdf +7rMyflbsjD8nV7TwY+FW7WfOQgiJhk0OK3VaBeSsovpOOwjS4Lpsazh3eUXeZJUk +lrYrMfI3AgMBAAECggEAEpXmNx9NAQ3GPXDSlw4o3AwCXEeXzpdc+SAIPxpT5+b8 +4wt8tQRcvF9N88HTFMUHrpFRNlx4Ygyw8/a6SqtEtilJ7Py8TeE8/JsaYXn6T0xg +uNE4OrjlWzy2AFFFYdYiQDqYy8S6nkMO29V8xg4slrSm8qHXPyVzZ2O2s8ZFtWG+ +ItAMb+Gv7FU2M4te/TwRnadljFAoyWry0XCXle1fN1Y3QJXtu3VDdmLmU0t+VGfa +wuZ5k0FIb9TFIQuxtgUNXJZmIjZw4Ych3luUc1bMSn9FPHeOzk8J3yo1tGqQu15M +KMLHxASTgt6opfhDbYIpD0fJJqCPdiJlMrqXHBPYwQKBgQDy8lrmsjBE97H0U2sS +tqlJq+7VOe2ien+z6seXFxd6XHBI8D/wTi2Q/7BpIGbpek3xc0ujxaFbcqo/RJZA +TUzYmc5leQLTwy4a54Neo33+sOuYPg8fQIMPT1OGa3DXv3EPSC8FdQrweNjn/bDX +YXbXJ2nKc3RgdTVehuMh6mw25wKBgQDhuitrTL3dlyHMGhO+djxW3cgjsUbJXQsK +1GnkGw5mzzL67M6ixw4WNxNJjuXEUI5Vat8iJzhZOA+Ae84DDbeN2FCM7UBpUsyB +9T9aApBYLLMflZhl4PXK/zkh1J9vA5NqqJbAcw6a5uH0kjtuJOSvP5CVQc2xsX9i +U9+eZesQMQKBgHo4Znasqg/oNIRf+vvdHOlNL8fhbqVQzzHqKSLfoRYTrwFirCfu +jInnuA4LGPrYZqHTiPgJEpX456EQli4fNUu6hNUTvdJe3LD4S2SvB1G8G6npfp4Q +TF7FX5W+M3S2gOBZRh6OtUQo56Y+QFr6U1kGIPiSgLeN/51gap/DWVF9AoGBAMmL +hMEloFF+Y/rtPbvNrkqRc+YKn32jyfw9dN7rGYzKbGaHkmjc+sLzIhGHubfzhWLX +Law9AJ8I4y6BXIx1bvMDtche/igMefV/mLUxnNhd8QG+fHhayJwcDlMamdBxjOqq +5Q+oq927UP0ipFXQMzAWvW3Hd3W1WlvdL8kqjxvBAoGBAMaZ9JZO48Zn17IUweZC +oVfM99YaHa+dm3L47PdQN6Ag6UjQ+sZ/6SLGIIg67SDhUQ+nuPCL8PH3Rf7PCuqW +oHW3F+44SIrVdLlMkWb444dxdP6Xvb9aOMpvopBDuvzYPR3xzZ202DZbZ0sIEVu8 +8a+09JbRmEI2/Ee+em6a/Y4T
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA256.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 84:a1:70:1d:0a:92:d3:cd + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:03 2017 GMT + Not After : Mar 28 04:51:03 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA1-ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:d6:37:af:2f:57:9e:c4:3e:a3:d9:0e:db:e2:db: + e3:48:e2:d7:f1:52:09:1a:58:95:db:aa:b2:ca:b8: + 02:42:f1:b7:df:f5:e7:59:a4:c5:c6:03:2a:8c:a4: + 30:eb:ec:c0:23:b3:fd:d3:0d:8a:55:69:66:0d:21: + de:62:c2:a6:a6:22:66:c1:2d:87:ff:2b:42:ce:91: + a5:fa:f9:3c:a8:81:aa:b0:c1:d3:55:af:24:79:79: + 87:06:5c:48:89:63:53:09:da:68:33:08:d7:86:27: + 4f:75:e2:ac:25:97:7c:64:8c:01:68:94:1e:a8:f5: + 0a:08:6c:b0:77:71:cb:65:d2:fc:3a:a0:0a:22:dd: + 32:96:43:12:7e:50:8e:bf:b8:1a:2d:5f:97:90:f7: + 3d:5b:fc:c0:ec:e8:f3:57:1c:1d:b6:8d:80:23:e2: + d3:9e:3c:c6:71:ab:b0:15:0b:04:c5:a5:66:c7:2b: + c8:f9:7e:d5:f1:a5:5a:14:e4:40:8d:1d:f2:00:1c: + ba:6b:26:a7:3f:94:a7:5f:ee:b3:32:7e:56:ec:8c: + 3f:27:57:b4:f0:63:e1:56:ed:67:ce:42:08:89:86: + 4d:0e:2b:75:5a:05:e4:ac:a2:fa:4e:3b:08:d2:e0: + ba:6c:6b:38:77:79:45:de:64:95:24:96:b6:2b:31: + f2:37 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:A3:52:9D:82:6F:DD:C6:1D + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 56:fb:b0:ab:a6:bb:3a:55:04:ed:5c:3b:ae:0c:0d:32:8f:aa: + ec:b7:24:2c:d5:37:b9:1f:91:64:21:c2:c0:6d:bc:d4:d4:5e: + e2:f1:12:ad:34:02:93:65:10:6c:93:93:2c:23:53:e8:ed:96: + c7:3b:6b:44:df:ff:24:8b:c1:cc:26:b2:1e:8f:26:66:34:3a: + bb:7d:ef:4e:a6:7e:b2:c8:93:c9:f7:46:5a:de:40:88:70:28: + c7:d1:fd:27:c3:99:fd:6a:a1:a5:e1:6d:c3:5a:bc:99:28:95: + e9:17:ed:a4:56:a5:04:ad:fb:74:a2:01:26:2a:5a:45:bc:7b: + 0d:df:0c:41:79:8b:b4:15:50:cd:88:ce:f5:a7:ee:cb:d2:5b: + 76:81:4c:1b:09:92:0e:e9:c6:42:df:b7:81:9e:89:3d:49:ed: + 17:fa:d2:2f:bd:8b:74:d5:cb:ce:af:46:6a:74:b3:34:a0:c5: + a0:64:66:7a:80:59:15:1e:de:16:df:11:3d:1e:96:e2:e5:2d: + f1:4d:20:f3:f6:f1:19:aa:ac:f8:b4:6e:76:a0:26:6c:cd:90: + f2:23:35:a0:8b:c8:e8:5d:27:5d:34:d3:69:74:61:c5:ac:6a: + 54:e9:86:8d:ca:ca:16:03:48:7f:cd:23:43:41:e2:77:3a:5d: + f2:3e:de:fa +-----BEGIN CERTIFICATE----- +MIID3DCCAsSgAwIBAgIJAIShcB0KktPNMA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRcwFQYDVQQDDA5ST09UX0NBX1NIQTI1NjAeFw0xNzAz +MzAwNDUxMDNaFw0yNzAzMjgwNDUxMDNaMG0xCzAJBgNVBAYTAlVTMQswCQYDVQQI +DAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0wCwYDVQQLDARKYXZh +MSUwIwYDVQQDDBxJTlRFUl9DQV9TSEExLVJPT1RfQ0FfU0hBMjU2MIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jevL1eexD6j2Q7b4tvjSOLX8VIJGliV +26qyyrgCQvG33/XnWaTFxgMqjKQw6+zAI7P90w2KVWlmDSHeYsKmpiJmwS2H/ytC +zpGl+vk8qIGqsMHTVa8keXmHBlxIiWNTCdpoMwjXhidPdeKsJZd8ZIwBaJQeqPUK +CGywd3HLZdL8OqAKIt0ylkMSflCOv7gaLV+XkPc9W/zA7OjzVxwdto2AI+LTnjzG +cauwFQsExaVmxyvI+X7V8aVaFORAjR3yABy6ayanP5SnX+6zMn5W7Iw/J1e08GPh +Vu1nzkIIiYZNDit1WgXkrKL6TjsI0uC6bGs4d3lF3mSVJJa2KzHyNwIDAQABo4GM +MIGJMHkGA1UdIwRyMHChY6RhMF8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEN +MAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0wCwYDVQQLDARKYXZhMRcwFQYD +VQQDDA5ST09UX0NBX1NIQTI1NoIJAKNSnYJv3cYdMAwGA1UdEwQFMAMBAf8wDQYJ +KoZIhvcNAQEFBQADggEBAFb7sKumuzpVBO1cO64MDTKPquy3JCzVN7kfkWQhwsBt +vNTUXuLxEq00ApNlEGyTkywjU+jtlsc7a0Tf/ySLwcwmsh6PJmY0Ort9706mfrLI +k8n3RlreQIhwKMfR/SfDmf1qoaXhbcNavJkolekX7aRWpQSt+3SiASYqWkW8ew3f +DEF5i7QVUM2IzvWn7svSW3aBTBsJkg7pxkLft4GeiT1J7Rf60i+9i3TVy86vRmp0 +szSgxaBkZnqAWRUe3hbfET0eluLlLfFNIPP28RmqrPi0bnagJmzNkPIjNaCLyOhd +J10002l0YcWsalTpho3KyhYDSH/NI0NB4nc6XfI+3vo= +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA1-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDh12cWta4H1sY6 +KHyfvxSJk1JIUAe08JFmHwvO0Eb6LRmKrqwbXEyGs0CPGhMlnmxjvrfXbKkUjodY +9ByxSBa7zYaVdPDGKDQ3HvPxyjZ0npPrHDII2wR+0UOD0ftkDbPHWQFBsl0OY/sI +pRzihYRh8MwCrADdza3vHPrNBz2umuM5jnN20FVIGKhGMGbg5eackBmgvcaWT6BW +B67iYRWVRwLywdSE+imOIS4P7ivndBe1DlB+z4oBmbBwYkM+5WyR3yT4+stdByyn +naL+kExsC/TWDw+sE9TQUo2zqRbNI1j8UhBaQZz1pbX5YeGPTq/Z2J8EGvPxz6VY +PmkDyMl3AgMBAAECggEAKrlDKUqpZ5Y73di26smNKxGRqVhqfNJdz0HkS/We18kc +Yd31dR+a4oial/fI038K5ju4L6rAucDU3gEgRHFsy45v/Won+nS0nBDg+UbV0m4F +cZ7d4Er+qLcR3KgmtKDa98VgtXr2m7hSTypdMoUrrBOPpJnBeDRmyStkTtEl3Bfa +Fh72SZXNauGvB5+qrbPhls1HoWVbzZ3i6oUCBDrfmLD6G0ipGM+AQICmXjYX8OxT +Ye5u/6DU4TkWu5A6/1m0Q4clGZXSeMx2d4PkZ0jZKOXdhwvzAaGh7I0AkuA4ZlCj +slXENyAzQhm4EHHWxvld11e8oEh4DUfWtUXeLttawQKBgQDybE5gjAZdv+5BJXWV +l2G+zb5tKHWd0XQQ2epktX+i+iA5lA0bLkAA4rrmZVsDEc4D2yjINsopBHTjwvtV +F/LBBWIynm6MkIyjY6+0fBfoikz9ebKikuf1YRoRC5Dl0pd2Wa/ps2wowDbQnj3o +4e6x+z0WviyL+uRr1JyotR2J5wKBgQDufVw64Z6AdWThlnP8qXqW12QQBd5qChPr +fHJEkx0ViBoM97yalVzDssXn4X2ESVDqtsxH21SzKzDGzLoCG3PwCPgp9zWk9GS/ +HfhXFzI3qHIlI+s6481vjqDnXtvJ7oHutxYkkYQXSMgC69jeRY0nW78Bz03BAYjQ +boRmeK1x8QKBgQDw9VBOTMADLUPvQwGGKAsC8VQHAgEuVcONAF0nrvPoFcA0GwGP +87+wYayuVy5IdckVMiBuKW91p7VbsjHJGd2zl9tMPwfY9dCkkvBRcEr/W4A9Llqt +l2GyF8smCB4FIfZkr67Xlvy54Jxbbf5RXUi5ZeUJlwuGM2IaACGa2zM6HwKBgEmW +iOTqRTwh/RTWlcd6jAcLQybmiLBzl53r8l5SfoDsVA14S8vvFoaUHRjlrRMqhDtI +WFQ7yzDVvOE6vpJz4hxIyDo6u2TAvG10U/Kbh7VA1qe7I5QyQmuPuPprfKocXB9K +gxyZggalQIIWP/6lu15PoupuCvHpBUw7LcNorSwhAoGAXXBcp4U369B3ld+M+hC9 +G+2VttaC2917iqoM8R7WOiwez+10s+fNv89B6DjZxeX5haa7bbB+RvfqN8OysIRK +m0Bh4w6q/JuRydj9T5sJLk9oUrEFLncqihlNT+1WEwR5x50OODYjpHz1YORo5HzL +cnXKk8xTZFE7mXD1ZJoRLxc=
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA1.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 8d:a0:d2:8a:ee:0b:cf:64 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:03 2017 GMT + Not After : Mar 28 04:51:03 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:e1:d7:67:16:b5:ae:07:d6:c6:3a:28:7c:9f:bf: + 14:89:93:52:48:50:07:b4:f0:91:66:1f:0b:ce:d0: + 46:fa:2d:19:8a:ae:ac:1b:5c:4c:86:b3:40:8f:1a: + 13:25:9e:6c:63:be:b7:d7:6c:a9:14:8e:87:58:f4: + 1c:b1:48:16:bb:cd:86:95:74:f0:c6:28:34:37:1e: + f3:f1:ca:36:74:9e:93:eb:1c:32:08:db:04:7e:d1: + 43:83:d1:fb:64:0d:b3:c7:59:01:41:b2:5d:0e:63: + fb:08:a5:1c:e2:85:84:61:f0:cc:02:ac:00:dd:cd: + ad:ef:1c:fa:cd:07:3d:ae:9a:e3:39:8e:73:76:d0: + 55:48:18:a8:46:30:66:e0:e5:e6:9c:90:19:a0:bd: + c6:96:4f:a0:56:07:ae:e2:61:15:95:47:02:f2:c1: + d4:84:fa:29:8e:21:2e:0f:ee:2b:e7:74:17:b5:0e: + 50:7e:cf:8a:01:99:b0:70:62:43:3e:e5:6c:91:df: + 24:f8:fa:cb:5d:07:2c:a7:9d:a2:fe:90:4c:6c:0b: + f4:d6:0f:0f:ac:13:d4:d0:52:8d:b3:a9:16:cd:23: + 58:fc:52:10:5a:41:9c:f5:a5:b5:f9:61:e1:8f:4e: + af:d9:d8:9f:04:1a:f3:f1:cf:a5:58:3e:69:03:c8: + c9:77 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:F1:3B:B7:FB:28:3F:52:09 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 24:74:94:0a:7d:81:62:16:ed:4e:0f:e2:19:06:bd:8b:7a:e4: + 35:63:4c:73:ec:3a:45:d7:2a:8c:80:e6:6b:d9:26:7d:78:9f: + 6b:36:f9:fd:94:f7:ac:86:3c:0e:95:66:80:f3:0b:93:0f:44: + 0a:05:76:d9:1d:c6:37:6f:ea:02:b9:29:e9:96:11:d1:e6:1e: + 70:95:31:77:22:ed:3c:96:ad:9f:74:8c:41:f5:44:47:a2:4e: + d4:58:86:92:31:36:94:90:05:9d:94:16:8c:f8:c8:18:7b:45: + dc:49:45:53:63:06:bb:c6:a9:33:72:fe:48:7b:0e:21:89:e2: + 6c:44:29:3c:10:65:c6:7d:8e:6c:cb:95:ea:a1:ae:3b:c1:12: + 98:ce:b9:c8:98:12:0d:ac:a7:bd:31:cc:aa:ac:51:b4:a7:33: + 5b:60:0d:d6:ed:e0:29:5a:29:f5:fc:e0:27:db:77:88:fd:59: + 0c:02:70:d8:f4:1d:89:88:13:94:55:5b:77:a3:a6:8e:18:9a: + b8:82:5b:64:27:8c:ef:10:6a:df:ed:fd:a4:b5:2b:44:0f:5f: + 89:08:15:48:df:b0:13:08:7c:08:cc:07:ea:b8:a6:17:ab:35: + 65:07:2c:b9:ec:9a:d0:1f:e7:b9:a7:36:9e:24:f7:73:10:e0: + 70:6c:78:6e +-----BEGIN CERTIFICATE----- +MIID2DCCAsCgAwIBAgIJAI2g0oruC89kMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRUwEwYDVQQDDAxST09UX0NBX1NIQTEwHhcNMTcwMzMw +MDQ1MTAzWhcNMjcwMzI4MDQ1MTAzWjBtMQswCQYDVQQGEwJVUzELMAkGA1UECAwC +Q0ExDTALBgNVBAcMBENpdHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEl +MCMGA1UEAwwcSU5URVJfQ0FfU0hBMjU2LVJPT1RfQ0FfU0hBMTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAOHXZxa1rgfWxjoofJ+/FImTUkhQB7TwkWYf +C87QRvotGYqurBtcTIazQI8aEyWebGO+t9dsqRSOh1j0HLFIFrvNhpV08MYoNDce +8/HKNnSek+scMgjbBH7RQ4PR+2QNs8dZAUGyXQ5j+wilHOKFhGHwzAKsAN3Nre8c ++s0HPa6a4zmOc3bQVUgYqEYwZuDl5pyQGaC9xpZPoFYHruJhFZVHAvLB1IT6KY4h +Lg/uK+d0F7UOUH7PigGZsHBiQz7lbJHfJPj6y10HLKedov6QTGwL9NYPD6wT1NBS +jbOpFs0jWPxSEFpBnPWltflh4Y9Or9nYnwQa8/HPpVg+aQPIyXcCAwEAAaOBijCB +hzB3BgNVHSMEcDBuoWGkXzBdMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTAL +BgNVBAcMBENpdHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEVMBMGA1UE +AwwMUk9PVF9DQV9TSEExggkA8Tu3+yg/UgkwDAYDVR0TBAUwAwEB/zANBgkqhkiG +9w0BAQsFAAOCAQEAJHSUCn2BYhbtTg/iGQa9i3rkNWNMc+w6RdcqjIDma9kmfXif +azb5/ZT3rIY8DpVmgPMLkw9ECgV22R3GN2/qArkp6ZYR0eYecJUxdyLtPJatn3SM +QfVER6JO1FiGkjE2lJAFnZQWjPjIGHtF3ElFU2MGu8apM3L+SHsOIYnibEQpPBBl +xn2ObMuV6qGuO8ESmM65yJgSDaynvTHMqqxRtKczW2AN1u3gKVop9fzgJ9t3iP1Z +DAJw2PQdiYgTlFVbd6OmjhiauIJbZCeM7xBq3+39pLUrRA9fiQgVSN+wEwh8CMwH +6rimF6s1ZQcsueya0B/nuac2niT3cxDgcGx4bg== +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDbXbqJwTisc3wF +Z6MYWonNxMsWBfNfwFB/KLQfEfZ+phvReORvJZ5lVT/1gTVs5/QhREU0qW48OxyM +NXKgkcBZGLkRvVlDaOEcbTIDa4PYf7rnsTtU8DWYuyqqmeBnJ2ViKJ3ZGA750ctm +ZsDZlWdwE5iCqX3hA/pfHGu+CNiW2jWSulookdIPqdJeLiwgnntm5tZFxoZ9hD1h +J88iRqmqpS4joYXPxUNxfJ49Nx4iRfrx7HpyUVg3i5Q2q/AVuVSwbbPfNaQrG71V +EbK0K7EjtL8Gw8DCS8Gvr0ApIpabA644BueWA9skjns9lvfSuH76Y5e2nHGJiOz7 +LWMFV24LAgMBAAECggEAD546u7gQCucl+1SHniJEEWxjcSv3SeftU0BYoqWqwRWe +gWl0Ch3Jizlollger6RME1pC+x7dBFjJDYp4oMn/wdgqxQKQKmZ7MITtvKSY/H8L +lZdevAtmJXud7AuMmIuLglOV+XDnEA5Jxv6l2Ff0x1v9zb+3gJ/B4aeqXBtRIFxD +CfCcvcN1Bl+jj2fvS8iRrqofGa6DGXZVZvtIVjIvJnR1YBVMVYBNs6kcscM5Nblr +PJFDDsg+Ph7hq5gpwj7pyb4e54sn06pdfBLgGkHJ82tCNkc+f4Ee2M7MoS//m4IC +ajV+xht4REHuB7h5GM50TF5Gziianyc3g8//M7sC8QKBgQD7tvSzJK1N0w9NPK1e +Q5zfEWxU1c7dJ/hr81OpvEzUut1vZeKT1mydtA0YJftDTFTXe5fsPKNTIrL4BWUw +PLa3jWQNNDSLDNhdoqKrno+017pD7+p8G8x3AfyHxn6x2Shoz0jHTnGf+Q0vnvdT +ZTFpWU+3J8Wp4+1Nx2lwGGEJXwKBgQDfGcnk/fTSs/QQNgzkC1HaQ35b66eEBwK3 +yi8KNsNxDByvdYGxaK/tLRiZIsKMxAV+3jebfA4WSgDkenmzGLn4gYUr5gkkmEW5 +irETT+HDK8LeM2iIbCROactwu3ytJrgpaoDXxRbDsGCUf98hjz1JDCR94wjGH78H +K3Pmbm6e1QKBgEIuTVIYj5RJrNlC3dZN8p3Xx+LaQER3cOJ5HIMhJhY8d2IFqLf0 +BaTFJTg3LEP6esgZD82l988w7Vs2l+9B10yVWTv7gOEaZHzh+OEklGYY3jlkiANP +j8eudwX/02nRTcWY0mrMniVQZv4hTqfXkFFBkSr3wwmzCr6LcpZtYn4DAoGBAIEm +2bTBu1/aoxhbYd0GHI1g8x5dbm1E7bLdzZt5Fm00GMsOGFVOiEGiEJJeCAgbVh8a +n1BYYYNPtfKOYDNoxgfxWtmN4o8Xw41kl5vZa5VjmPyu//2xtNbb8dTCBKvsNUJs +kEfYpZQFX/O3jsFLvauy5tElhCfFqv2IjyC/nzQ9AoGBAJLCz62crl/AXqArSnAH +efX9ozrNMJMQDMDtw5xB/EqRMazmTlqkYr0H4iTS69QNAPr8czdmpY6uO6BRE9+/ +f/tWZXQj7eT8pd1Dp2Ed1vHsOfiAUha0cYUMrqshsqKNXrCxl7144iRGZY7OjFI1 +USqVVNaci2IrtW5+NGV62BYP
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA256.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 84:a1:70:1d:0a:92:d3:cc + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:02 2017 GMT + Not After : Mar 28 04:51:02 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:db:5d:ba:89:c1:38:ac:73:7c:05:67:a3:18:5a: + 89:cd:c4:cb:16:05:f3:5f:c0:50:7f:28:b4:1f:11: + f6:7e:a6:1b:d1:78:e4:6f:25:9e:65:55:3f:f5:81: + 35:6c:e7:f4:21:44:45:34:a9:6e:3c:3b:1c:8c:35: + 72:a0:91:c0:59:18:b9:11:bd:59:43:68:e1:1c:6d: + 32:03:6b:83:d8:7f:ba:e7:b1:3b:54:f0:35:98:bb: + 2a:aa:99:e0:67:27:65:62:28:9d:d9:18:0e:f9:d1: + cb:66:66:c0:d9:95:67:70:13:98:82:a9:7d:e1:03: + fa:5f:1c:6b:be:08:d8:96:da:35:92:ba:5a:28:91: + d2:0f:a9:d2:5e:2e:2c:20:9e:7b:66:e6:d6:45:c6: + 86:7d:84:3d:61:27:cf:22:46:a9:aa:a5:2e:23:a1: + 85:cf:c5:43:71:7c:9e:3d:37:1e:22:45:fa:f1:ec: + 7a:72:51:58:37:8b:94:36:ab:f0:15:b9:54:b0:6d: + b3:df:35:a4:2b:1b:bd:55:11:b2:b4:2b:b1:23:b4: + bf:06:c3:c0:c2:4b:c1:af:af:40:29:22:96:9b:03: + ae:38:06:e7:96:03:db:24:8e:7b:3d:96:f7:d2:b8: + 7e:fa:63:97:b6:9c:71:89:88:ec:fb:2d:63:05:57: + 6e:0b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:A3:52:9D:82:6F:DD:C6:1D + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 3f:f2:91:96:59:da:c1:8a:8c:4d:eb:25:1f:74:87:6f:fc:2e: + 92:7e:44:ff:a7:0b:78:aa:6d:2b:fe:b8:0a:b9:e9:bc:19:87: + 44:15:e1:3a:e4:54:e6:4b:54:3c:75:d9:f8:c9:07:83:74:f4: + 4c:ab:e4:6b:19:64:b6:4b:69:44:6e:74:f6:66:cf:16:43:8f: + 9c:cb:20:e4:7a:5e:78:13:00:6f:28:78:8d:c5:05:46:a9:92: + 0f:d0:38:c3:8b:0e:39:d4:87:e9:ee:35:07:78:dd:1a:1a:8c: + 3a:36:56:4e:3b:96:7a:d1:2c:29:95:06:29:ac:b2:f7:5c:fc: + 09:1c:72:24:e2:9e:72:bf:60:3a:7a:9b:59:35:48:6a:d2:3e: + 76:7f:ad:41:45:a5:6f:93:96:10:c4:4c:cf:3f:f1:1d:00:5f: + d1:60:f1:88:86:d8:ef:ff:72:63:8f:4c:df:9e:35:cb:17:2c: + 16:7b:d4:6c:0e:67:b6:ee:bc:68:07:b0:99:df:c5:f3:88:28: + a1:46:bb:6d:f5:2c:45:6b:e9:90:c0:78:35:20:73:14:5a:d0: + a5:56:cb:04:f4:43:a7:cf:28:f5:a3:5b:ac:f2:a3:4c:f6:39: + 3c:ef:f4:b1:42:20:8e:2a:14:0d:a1:b4:38:b2:f2:6c:14:33: + 05:04:bb:a7 +-----BEGIN CERTIFICATE----- +MIID3jCCAsagAwIBAgIJAIShcB0KktPMMA0GCSqGSIb3DQEBCwUAMF8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRcwFQYDVQQDDA5ST09UX0NBX1NIQTI1NjAeFw0xNzAz +MzAwNDUxMDJaFw0yNzAzMjgwNDUxMDJaMG8xCzAJBgNVBAYTAlVTMQswCQYDVQQI +DAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0wCwYDVQQLDARKYXZh +MScwJQYDVQQDDB5JTlRFUl9DQV9TSEEyNTYtUk9PVF9DQV9TSEEyNTYwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbXbqJwTisc3wFZ6MYWonNxMsWBfNf +wFB/KLQfEfZ+phvReORvJZ5lVT/1gTVs5/QhREU0qW48OxyMNXKgkcBZGLkRvVlD +aOEcbTIDa4PYf7rnsTtU8DWYuyqqmeBnJ2ViKJ3ZGA750ctmZsDZlWdwE5iCqX3h +A/pfHGu+CNiW2jWSulookdIPqdJeLiwgnntm5tZFxoZ9hD1hJ88iRqmqpS4joYXP +xUNxfJ49Nx4iRfrx7HpyUVg3i5Q2q/AVuVSwbbPfNaQrG71VEbK0K7EjtL8Gw8DC +S8Gvr0ApIpabA644BueWA9skjns9lvfSuH76Y5e2nHGJiOz7LWMFV24LAgMBAAGj +gYwwgYkweQYDVR0jBHIwcKFjpGEwXzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNB +MQ0wCwYDVQQHDARDaXR5MQwwCgYDVQQKDANPcmcxDTALBgNVBAsMBEphdmExFzAV +BgNVBAMMDlJPT1RfQ0FfU0hBMjU2ggkAo1Kdgm/dxh0wDAYDVR0TBAUwAwEB/zAN +BgkqhkiG9w0BAQsFAAOCAQEAP/KRllnawYqMTeslH3SHb/wukn5E/6cLeKptK/64 +CrnpvBmHRBXhOuRU5ktUPHXZ+MkHg3T0TKvkaxlktktpRG509mbPFkOPnMsg5Hpe +eBMAbyh4jcUFRqmSD9A4w4sOOdSH6e41B3jdGhqMOjZWTjuWetEsKZUGKayy91z8 +CRxyJOKecr9gOnqbWTVIatI+dn+tQUWlb5OWEMRMzz/xHQBf0WDxiIbY7/9yY49M +3541yxcsFnvUbA5ntu68aAewmd/F84gooUa7bfUsRWvpkMB4NSBzFFrQpVbLBPRD +p88o9aNbrPKjTPY5PO/0sUIgjioUDaG0OLLybBQzBQS7pw== +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA1-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDhROyqYZ5UdQJ0 +xJdG4B+aXPHbIKV0w5AvJ7r4SuvIJ/4pEmV6fIU3+4CvN2sXKzW+0DppOBz99Oe6 +19jfMAx5t0pKHkwh5J0bduLf1k83lm8CvoX1a9lYY6ER4Y8wWtTcHG016onl8Lxq +QVqlqbk9zsbNipvWxipIQOgzq7DmTXQ2Hrx0tg4DROlgwuarPBWcZjq6dG09nI0E +zSY/Wis619L/6sdCxGFhvnJ0YbULvIqdR2J638KEO+rx1RXD66Jqc0KhnGZLf7NT +YfTlY0zIMHE8oMkJPdH9tPKbyXMXhiG/u5x81RcJxT4gLi5fq2yrvMsaUC13bnJJ +npFNy6XTAgMBAAECggEAPS4h9Jg0jw2EUEBAMaCXFK5fhTrVlOO0Ggp5TgvTA3ZR +Ich8RQrih3TH2056yD0VCLC23HK/9Pz5npYWsW70RG5SP9UAqkfTn2znaxFiTF+P +4Lfr296hlc7hJOEUqXZRz0HtKzJ6pzd9hIIhY1K4G6A4AATAFFGXlC4Eolvj3Hf0 +NgVFDYaFDEpEiin+fAsM5c1ZE0pxRZSVE5Emr9XvkvxLm5dK9lKOyyOQ+5RHhxQ6 +J4n+6Ct0O+FkeP9u3jTMtew9gxTwvHSgkf05hSRoqgMKcusKpqhHp6E4mT7sus7q +AYzdv5sNIcx7PpojuHjploMH7ghhYxCmVOOFxXJ4CQKBgQD2naA8zZnh5BfbVC8p +C9A6HfwnZ7cCjGtL30y8fh8OAMHbdGE4JXlhifPgW7PDxZ0Yho4rYd9MxLVcGl+p +YPOKKcaKbzwdUJwZ4Zs1dJC+LTRqku6O3qlEofeojHN5IctLoLqDsiZBD7aT4l+O +wmAWqwLZZQtiFpA/jbCb/Qw7tQKBgQDp11rFSHLKuVdMuSnUon3WN6lj9WNM3KFy +C8R4EN/DTnuHrVL0MCff9eddBYvpQe0z/LA74oAD9fSjmtYe/24qIm2lAWVkwxBm +yyspUmOybU8Q3GN8xw1Vrwg8JR5JVAOwKHwCGmybT7Zs+9eJRONnnZ6nUbTQ94cP +sJVkyGUgZwKBgQCd/0CAk+xpl1tdbiLEtkfSZBF/IWhTXqkDM+2SuW6l5wBL29TJ +RuDsB5jR/Y4+96T86H++9XY9Va0nc9IjzvRYaQlE+ZzW3yUTQ8HPTn3JCWcSfE4Q +BEEHsojbWBhG28rGChRUeVceybVcK2SzLn6nJyqtIppXXkNOJDWoykcDHQKBgHzY +27+k1JTjq3ZtDaZXMvQiN7AEnYW17gRjv/uSlsVBq7ZelYGGDGQIeAQ0J+Tbq/cr +nDP80/hJYtnOmy9llL2uL/f+7NGFS8Z2Bo9DS7NBpQsNf5ho9fefQbhK4Qapcmak +1sCQtxec0XsSYpsJSphRkRkoCG/hGB0KXFi4nTVVAoGAJrrh1rG1UMXmFUpraXIy +Mc58lEYB87EkMOthyK8XklxLoYKPZlVS7AZZDtQMpRC6YnweiX6LmO4AamtlT71x +BzQgmwHn4wOaysDPHFuf5hNCobXJREoiNzHb4AcqiZ7SNAW5Jd+0/PSY47hrDnRy +wNFyg3O0k3kaXz5h3lVhxo4=
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA1.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + f1:3b:b7:fb:28:3f:52:09 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:01 2017 GMT + Not After : Mar 28 04:51:01 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:e1:44:ec:aa:61:9e:54:75:02:74:c4:97:46:e0: + 1f:9a:5c:f1:db:20:a5:74:c3:90:2f:27:ba:f8:4a: + eb:c8:27:fe:29:12:65:7a:7c:85:37:fb:80:af:37: + 6b:17:2b:35:be:d0:3a:69:38:1c:fd:f4:e7:ba:d7: + d8:df:30:0c:79:b7:4a:4a:1e:4c:21:e4:9d:1b:76: + e2:df:d6:4f:37:96:6f:02:be:85:f5:6b:d9:58:63: + a1:11:e1:8f:30:5a:d4:dc:1c:6d:35:ea:89:e5:f0: + bc:6a:41:5a:a5:a9:b9:3d:ce:c6:cd:8a:9b:d6:c6: + 2a:48:40:e8:33:ab:b0:e6:4d:74:36:1e:bc:74:b6: + 0e:03:44:e9:60:c2:e6:ab:3c:15:9c:66:3a:ba:74: + 6d:3d:9c:8d:04:cd:26:3f:5a:2b:3a:d7:d2:ff:ea: + c7:42:c4:61:61:be:72:74:61:b5:0b:bc:8a:9d:47: + 62:7a:df:c2:84:3b:ea:f1:d5:15:c3:eb:a2:6a:73: + 42:a1:9c:66:4b:7f:b3:53:61:f4:e5:63:4c:c8:30: + 71:3c:a0:c9:09:3d:d1:fd:b4:f2:9b:c9:73:17:86: + 21:bf:bb:9c:7c:d5:17:09:c5:3e:20:2e:2e:5f:ab: + 6c:ab:bc:cb:1a:50:2d:77:6e:72:49:9e:91:4d:cb: + a5:d3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:F1:3B:B7:FB:28:3F:52:09 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 0b:be:7b:c7:53:14:87:37:02:66:37:f5:6f:38:3c:75:b3:72: + f6:f8:9c:77:4d:9a:e4:5c:23:3a:4a:5f:aa:6e:90:23:e9:b8: + 48:fd:6d:e1:88:b5:a2:a5:0a:30:c0:7d:33:a8:6f:79:42:52: + 80:f8:87:4b:2a:15:0a:ff:14:88:97:21:12:89:1c:d3:33:bf: + fa:4f:5e:68:9a:c6:69:2f:aa:1d:31:aa:80:f5:b0:d3:72:c9: + fa:ce:3b:5f:15:a6:61:e0:f1:d1:ab:e7:40:48:c1:d4:30:bd: + 0a:13:37:0d:ea:ac:38:b2:af:1b:78:3a:29:53:ee:90:71:3b: + 2b:a4:8b:16:e9:da:94:59:44:3d:7f:34:fb:0a:d1:6b:db:3d: + 66:01:a6:0f:98:b5:cc:57:39:b9:09:f2:01:cc:e5:89:86:7d: + f2:9a:b2:ad:08:3d:da:05:f9:24:1e:30:98:cc:92:a9:4c:4a: + cf:a3:53:6e:7f:5e:db:aa:43:9c:ac:b1:b5:80:ab:7e:a3:89: + 71:37:c2:4a:c1:16:9d:26:d5:70:89:8a:8e:a8:cb:40:3b:b8: + f0:d2:31:54:c2:1f:fc:24:5e:29:c1:5e:86:48:1e:83:4e:44: + 30:ff:8d:46:47:b6:0e:9c:77:bf:ba:08:8b:bd:eb:b7:ca:45: + 0a:e3:0c:ec +-----BEGIN CERTIFICATE----- +MIIDyDCCArCgAwIBAgIJAPE7t/soP1IJMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRUwEwYDVQQDDAxST09UX0NBX1NIQTEwHhcNMTcwMzMw +MDQ1MTAxWhcNMjcwMzI4MDQ1MTAxWjBdMQswCQYDVQQGEwJVUzELMAkGA1UECAwC +Q0ExDTALBgNVBAcMBENpdHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEV +MBMGA1UEAwwMUk9PVF9DQV9TSEExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEA4UTsqmGeVHUCdMSXRuAfmlzx2yCldMOQLye6+ErryCf+KRJlenyFN/uA +rzdrFys1vtA6aTgc/fTnutfY3zAMebdKSh5MIeSdG3bi39ZPN5ZvAr6F9WvZWGOh +EeGPMFrU3BxtNeqJ5fC8akFapam5Pc7GzYqb1sYqSEDoM6uw5k10Nh68dLYOA0Tp +YMLmqzwVnGY6unRtPZyNBM0mP1orOtfS/+rHQsRhYb5ydGG1C7yKnUdiet/ChDvq +8dUVw+uianNCoZxmS3+zU2H05WNMyDBxPKDJCT3R/bTym8lzF4Yhv7ucfNUXCcU+ +IC4uX6tsq7zLGlAtd25ySZ6RTcul0wIDAQABo4GKMIGHMHcGA1UdIwRwMG6hYaRf +MF0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoG +A1UECgwDT3JnMQ0wCwYDVQQLDARKYXZhMRUwEwYDVQQDDAxST09UX0NBX1NIQTGC +CQDxO7f7KD9SCTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQALvnvH +UxSHNwJmN/VvODx1s3L2+Jx3TZrkXCM6Sl+qbpAj6bhI/W3hiLWipQowwH0zqG95 +QlKA+IdLKhUK/xSIlyESiRzTM7/6T15omsZpL6odMaqA9bDTcsn6zjtfFaZh4PHR +q+dASMHUML0KEzcN6qw4sq8beDopU+6QcTsrpIsW6dqUWUQ9fzT7CtFr2z1mAaYP +mLXMVzm5CfIBzOWJhn3ymrKtCD3aBfkkHjCYzJKpTErPo1Nuf17bqkOcrLG1gKt+ +o4lxN8JKwRadJtVwiYqOqMtAO7jw0jFUwh/8JF4pwV6GSB6DTkQw/41GR7YOnHe/ +ugiLveu3ykUK4wzs +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA256-PRIV.key Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,26 @@ +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC2DzrIXts3huIs +dtX+ZbY6RR5/S4yXUs3jJXc4mbITLn7PO1QVBT528NZVOu6jUxXsPTpTg1jgresh +6Pcv1LNj7bP30uPXhmyawgQVUgLTGyU0+JWLJrpU7cEOTK4f/j58A+UHL255fM7T +B3EvIj2Ad1MAYwIvVZnAXPSFt72YGz15doYiewp8dTXcX4TsFisCbypFikWxpXIF +qjVqbAUx8fYgQxfPWFw4HbVvo3Nu1LqypswAfsmHd2v5nMv8wkAcPG5dIYHACN9r +kPLMoUNUcBLn6QdIUrhk7dldRlR0TWT+VtRLKVWlGkMk9rRK+RnskNSuPg8fjb/Y +gM0m5p0JAgMBAAECggEAPVk8cbClJjzpkhopWiRkF5abBEItCgD5KAXD+uqvuw77 +5FEVsE+oEORvFSFasOaaiJTJRsMH/A4fIbojMZb3LEE5V9VUuZeumSevwI92LDUF +gKgTnGRcfanwWCU2t8kwvRGC57zv+Tg5aZskZMGg/901tvemENVDjjLEoxqbZNmX +WZnhB8XiPxl9K32K0l+qNW3HvKJ8lkaW0L6/4HWWU4rYwbc9TZpzHDOXhAICQB76 +fCw4hcy1K6KjfGjfE/6afqMa76KSxxeCvUYorZlm2gk1WcEafkg9Jwzz2SWtsa8W +L+YzbTd1GE8Z9bDA88Dw3vgdC1Pt0ywX/fJ/GCDHUQKBgQDjNaW/enKYXGTsM5C1 +I94OgSmgnjnjPZIBY0u89iCAf07ueqrNaLJgOEkGpCrLEa4tC2qc57ge1DO2rxTa +6RowUzqG3Oqdsq21QaQZAmjjDC5mXlYPRpWvWVjBRaIDKw9zAUg9qEy24e/pRjdP +cugR30d1OaxExdgoAt8iOqZ67wKBgQDNIPqF/+npd1UAqgdC9lOxnPQly1zjz/zY +jbeJeww9Ut9aCXj0+we4gKhD37d178y1H2QBod+IPpqQ/uZmbNmN5JP+MIk2kZKB +4jquQLa5jEc+y57h8UrWJBY+Ls7xiu/cw3aCAk0JaZRSrH/KzWE91x3s7o2yV43d +dMkRmTTHhwKBgQCHaq4C1WP/UvIDpSgWDe6HDoxU4nj16vheQ2Qcl0T/0OCmWg36 +pu/JUUKU5rtqlHsO9cLxCVo/ZZH8y5TOdCfbrX8wafKbUqcdZKX9EeaZi+ULtiXs +rNEB1WqEpo/M+5kVnioENY6jYT2v9t14SK/wFvdr8pet1YzjK/L5X6NhmQKBgFK4 +0u7I9k61Ve0vpEAH0FaXIgo/yZUBYkj+VZ62pYfxbKsFmObKeSGZmMHObVC9RMNi +BlV2LwvlmzWP5eA2U0GahWgDsMH10KxaTCnLZSTMgkq7mLYrNW/IG8Q14jScQAC6 +PodNYD3EexEgCWUCkA19O885oKDkGAzPtOpI63TvAoGBAJvbKiJSFJNd3CIQlrOM +wNw+Sww+c2Qw4PZZvIJNzjWumjesfUsuAyySrO2nXPzzSOrh7dRW98suaFi1Mih6 +ZwBpIll5VQsd2dwEa6vp6RFGWFNKPvDILEVgcCEOmckKRWDo+fb5bx2VHj1v4kfG +MHDqy8Y2ercsU0Z5mEN8bUD7
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA256.cer Wed Jul 19 05:41:28 2017 +0100 @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + a3:52:9d:82:6f:dd:c6:1d + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:01 2017 GMT + Not After : Mar 28 04:51:01 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:b6:0f:3a:c8:5e:db:37:86:e2:2c:76:d5:fe:65: + b6:3a:45:1e:7f:4b:8c:97:52:cd:e3:25:77:38:99: + b2:13:2e:7e:cf:3b:54:15:05:3e:76:f0:d6:55:3a: + ee:a3:53:15:ec:3d:3a:53:83:58:e0:ad:eb:21:e8: + f7:2f:d4:b3:63:ed:b3:f7:d2:e3:d7:86:6c:9a:c2: + 04:15:52:02:d3:1b:25:34:f8:95:8b:26:ba:54:ed: + c1:0e:4c:ae:1f:fe:3e:7c:03:e5:07:2f:6e:79:7c: + ce:d3:07:71:2f:22:3d:80:77:53:00:63:02:2f:55: + 99:c0:5c:f4:85:b7:bd:98:1b:3d:79:76:86:22:7b: + 0a:7c:75:35:dc:5f:84:ec:16:2b:02:6f:2a:45:8a: + 45:b1:a5:72:05:aa:35:6a:6c:05:31:f1:f6:20:43: + 17:cf:58:5c:38:1d:b5:6f:a3:73:6e:d4:ba:b2:a6: + cc:00:7e:c9:87:77:6b:f9:9c:cb:fc:c2:40:1c:3c: + 6e:5d:21:81:c0:08:df:6b:90:f2:cc:a1:43:54:70: + 12:e7:e9:07:48:52:b8:64:ed:d9:5d:46:54:74:4d: + 64:fe:56:d4:4b:29:55:a5:1a:43:24:f6:b4:4a:f9: + 19:ec:90:d4:ae:3e:0f:1f:8d:bf:d8:80:cd:26:e6: + 9d:09 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:A3:52:9D:82:6F:DD:C6:1D + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 6f:2f:a4:56:d5:58:6d:20:74:6b:66:b7:41:eb:c2:8c:56:2e: + 1b:51:79:b0:07:a6:63:28:8b:20:40:b9:72:4b:f5:e0:6b:18: + 39:5b:b4:ae:50:58:25:81:86:e3:19:ec:b1:dd:fb:5c:f5:d4: + a8:7d:a0:50:46:ac:1e:80:dc:cc:aa:0c:61:f8:a3:41:af:03: + 35:a4:02:4f:23:c7:5c:36:26:90:fe:51:07:58:0f:e7:14:26: + 34:c2:a7:bd:f2:34:33:cf:67:e4:2d:82:b6:e8:94:85:d6:8b: + 01:6f:ba:3d:78:f6:db:3d:dc:ba:6e:6d:83:fa:ea:d0:60:ab: + 1b:ad:9b:e2:ba:e3:e3:9f:26:5b:9a:c7:fb:9f:c1:7d:cc:0b: + cf:23:e0:ac:e1:e4:09:08:84:98:d4:6e:16:34:a5:5e:74:d5: + a8:61:e1:65:f7:9a:51:9f:f0:9f:86:65:ce:4f:b8:b6:64:7d: + 86:62:21:ec:71:50:70:ca:6b:2e:74:12:51:b1:68:b0:4a:66: + 19:60:e9:f8:b0:bf:6e:d8:ad:75:29:c3:31:13:73:01:3d:d5: + d4:5b:c2:60:bb:c4:c8:e6:29:cf:a3:49:65:8d:c2:1d:7d:c9: + 75:33:9b:97:73:38:99:5c:7d:b3:9f:b0:be:0d:f4:6a:c6:19: + 8d:98:a1:ca +-----BEGIN CERTIFICATE----- +MIIDzjCCAragAwIBAgIJAKNSnYJv3cYdMA0GCSqGSIb3DQEBCwUAMF8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRcwFQYDVQQDDA5ST09UX0NBX1NIQTI1NjAeFw0xNzAz +MzAwNDUxMDFaFw0yNzAzMjgwNDUxMDFaMF8xCzAJBgNVBAYTAlVTMQswCQYDVQQI +DAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0wCwYDVQQLDARKYXZh +MRcwFQYDVQQDDA5ST09UX0NBX1NIQTI1NjCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBALYPOshe2zeG4ix21f5ltjpFHn9LjJdSzeMldziZshMufs87VBUF +Pnbw1lU67qNTFew9OlODWOCt6yHo9y/Us2Pts/fS49eGbJrCBBVSAtMbJTT4lYsm +ulTtwQ5Mrh/+PnwD5Qcvbnl8ztMHcS8iPYB3UwBjAi9VmcBc9IW3vZgbPXl2hiJ7 +Cnx1NdxfhOwWKwJvKkWKRbGlcgWqNWpsBTHx9iBDF89YXDgdtW+jc27UurKmzAB+ +yYd3a/mcy/zCQBw8bl0hgcAI32uQ8syhQ1RwEufpB0hSuGTt2V1GVHRNZP5W1Esp +VaUaQyT2tEr5GeyQ1K4+Dx+Nv9iAzSbmnQkCAwEAAaOBjDCBiTB5BgNVHSMEcjBw +oWOkYTBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENpdHkx +DDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEXMBUGA1UEAwwOUk9PVF9DQV9T +SEEyNTaCCQCjUp2Cb93GHTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IB +AQBvL6RW1VhtIHRrZrdB68KMVi4bUXmwB6ZjKIsgQLlyS/Xgaxg5W7SuUFglgYbj +Geyx3ftc9dSofaBQRqwegNzMqgxh+KNBrwM1pAJPI8dcNiaQ/lEHWA/nFCY0wqe9 +8jQzz2fkLYK26JSF1osBb7o9ePbbPdy6bm2D+urQYKsbrZviuuPjnyZbmsf7n8F9 +zAvPI+Cs4eQJCISY1G4WNKVedNWoYeFl95pRn/CfhmXOT7i2ZH2GYiHscVBwymsu +dBJRsWiwSmYZYOn4sL9u2K11KcMxE3MBPdXUW8Jgu8TI5inPo0lljcIdfcl1M5uX +cziZXH2zn7C+DfRqxhmNmKHK +-----END CERTIFICATE-----
--- a/test/sun/security/tools/jarsigner/TimestampCheck.java Tue Jul 11 03:45:17 2017 +0100 +++ b/test/sun/security/tools/jarsigner/TimestampCheck.java Wed Jul 19 05:41:28 2017 +0100 @@ -463,7 +463,7 @@ .shouldMatch("Timestamp signature algorithm: .*key.*weak"); verify(file, "-J-Djava.security.debug=jar") .shouldHaveExitValue(0) - .shouldMatch("SignatureException:.*Disabled"); + .shouldMatch("SignatureException:.*disabled"); } static void checkHalfWeak(String file) throws Throwable {
--- a/test/sun/util/calendar/zi/tzdata/VERSION Tue Jul 11 03:45:17 2017 +0100 +++ b/test/sun/util/calendar/zi/tzdata/VERSION Wed Jul 19 05:41:28 2017 +0100 @@ -21,4 +21,4 @@ # or visit www.oracle.com if you need additional information or have any # questions. # -tzdata2017a +tzdata2017b
--- a/test/sun/util/calendar/zi/tzdata/africa Tue Jul 11 03:45:17 2017 +0100 +++ b/test/sun/util/calendar/zi/tzdata/africa Wed Jul 19 05:41:28 2017 +0100 @@ -443,18 +443,25 @@ # See Africa/Johannesburg. # Liberia -# From Paul Eggert (2006-03-22): -# In 1972 Liberia was the last country to switch -# from a UTC offset that was not a multiple of 15 or 20 minutes. -# Howse reports that it was in honor of their president's birthday. -# Shank & Pottenger report the date as May 1, whereas Howse reports Jan; -# go with Shanks & Pottenger. -# For Liberia before 1972, Shanks & Pottenger report -0:44, whereas Howse and -# Whitman each report -0:44:30; go with the more precise figure. +# +# From Paul Eggert (2017-03-02): +# +# The Nautical Almanac for the Year 1970, p 264, is the source for -0:44:30. +# +# In 1972 Liberia was the last country to switch from a UTC offset +# that was not a multiple of 15 or 20 minutes. The 1972 change was on +# 1972-01-07, according to an entry dated 1972-01-04 on p 330 of: +# Presidential Papers: First year of the administration of +# President William R. Tolbert, Jr., July 23, 1971-July 31, 1972. +# Monrovia: Executive Mansion. +# +# Use the abbreviation "MMT" before 1972, as the more-accurate numeric +# abbreviation "-004430" would be one byte over the POSIX limit. +# # Zone NAME GMTOFF RULES FORMAT [UNTIL] Zone Africa/Monrovia -0:43:08 - LMT 1882 -0:43:08 - MMT 1919 Mar # Monrovia Mean Time - -0:44:30 - -004430 1972 May + -0:44:30 - MMT 1972 Jan 7 # approximately MMT 0:00 - GMT ###############################################################################
--- a/test/sun/util/calendar/zi/tzdata/iso3166.tab Tue Jul 11 03:45:17 2017 +0100 +++ b/test/sun/util/calendar/zi/tzdata/iso3166.tab Wed Jul 19 05:41:28 2017 +0100 @@ -32,8 +32,8 @@ # All text uses UTF-8 encoding. The columns of the table are as follows: # # 1. ISO 3166-1 alpha-2 country code, current as of -# ISO 3166-1 Newsletter VI-16 (2013-07-11). See: Updates on ISO 3166 -# http://www.iso.org/iso/home/standards/country_codes/updates_on_iso_3166.htm +# ISO 3166-1 N905 (2016-11-15). See: Updates on ISO 3166-1 +# http://isotc.iso.org/livelink/livelink/Open/16944257 # 2. The usual English name for the coded region, # chosen so that alphabetic sorting of subsets produces helpful lists. # This is not the same as the English name in the ISO 3166 tables.
--- a/test/sun/util/calendar/zi/tzdata/northamerica Tue Jul 11 03:45:17 2017 +0100 +++ b/test/sun/util/calendar/zi/tzdata/northamerica Wed Jul 19 05:41:28 2017 +0100 @@ -3162,6 +3162,12 @@ # http://www.vantbefinfo.com/changement-dheure-pas-pour-haiti/ # http://news.anmwe.com/haiti-lheure-nationale-ne-sera-ni-avancee-ni-reculee-cette-annee/ +# From Steffen Thorsen (2017-03-12): +# We have received 4 mails from different people telling that Haiti +# has started DST again today, and this source seems to confirm that, +# I have not been able to find a more authoritative source: +# https://www.haitilibre.com/en/news-20319-haiti-notices-time-change-in-haiti.html + # Rule NAME FROM TO TYPE IN ON AT SAVE LETTER/S Rule Haiti 1983 only - May 8 0:00 1:00 D Rule Haiti 1984 1987 - Apr lastSun 0:00 1:00 D @@ -3174,6 +3180,8 @@ Rule Haiti 2005 2006 - Oct lastSun 0:00 0 S Rule Haiti 2012 2015 - Mar Sun>=8 2:00 1:00 D Rule Haiti 2012 2015 - Nov Sun>=1 2:00 0 S +Rule Haiti 2017 max - Mar Sun>=8 2:00 1:00 D +Rule Haiti 2017 max - Nov Sun>=1 2:00 0 S # Zone NAME GMTOFF RULES FORMAT [UNTIL] Zone America/Port-au-Prince -4:49:20 - LMT 1890 -4:49 - PPMT 1917 Jan 24 12:00 # P-a-P MT